According to security firm F-Secure, the number of rootkits attacking systems running the Windows operating system has rapidly increased this year.
This surge is primarily due to adware and spyware companies employing more sophisticated techniques to conceal their applications and prevent uninstallation.
To illustrate their point, F-Secure provided a specific example: ContextPlus, the developer behind the Apropos and PeopleOnPage adware, is responsible for a significant number of rootkit infections.
F-Secure’s BlackLight technology has enabled the company to uncover “advanced rootkit technologies” within the Apropos software—a spyware designed to collect web browsing habits and system information from users’ computers to send back to ContextPlus. Unlike typical computer worms or bots that use rootkit technology to evade detection and removal, Apropos uses rootkit technology to conceal its operations within the operating system.
Mikko Hypponen, a senior expert at F-Secure, stated that the statistics regarding rootkits from Microsoft are quite similar to those reported by F-Secure. “In the nine months since we launched the BlackLight technology, we have discovered findings similar to what Microsoft has observed.”
Meanwhile, Microsoft reported that up to 20% of the malicious software attacking Windows XP Service Pack 2 over the past year consisted of “stealth rootkits.”
