·

Kaspersky develops detection method for rootkit-masked malware

Kaspersky develops detection method for rootkit-masked malware

Internet security firm Kaspersky Labs has developed a method for detecting malware masked by rootkits – programmes capable of altering the outcomes of system functions, therefore reducing the efficacy of cybercriminals.

“Cybercriminals use rootkits to prevent security solutions detecting malicious programmes such as Trojans. To do this a rootkit masquerades as a legal driver, integrates with the OS kernel, intercepts system function calls from applications and modifies the results of their operation, deleting any references to files and processes related to the Trojan,” Kaspersky said.

“This means the presence of malicious code can be masked – a dangerous programme becomes invisible to the user and to other applications,” said the company.

The Kaspersky application is used to detect objects masked by rootkits.

“Masking malware programmes with the help of rootkits makes it much more difficult for anti-malware solutions to detect threats. This newly patented technology provides a reliable method to identify objects that are disguised in the system, helping counteract the most dangerous attacks,” said Vyacheslav Rusakov, malware expert at Kaspersky Lab.

Posted in: Internet

Latest headlines

Latest by Category

Tweets about "humanipo"