Rootkit Growth, Reports McAfee
Security report released on Monday by McAfee rootkits and notes an increase in the number and complexity of rootkit over the last three years.
In the first quarter, the number of rootkits observed by McAfee's Avert Labs grew by 700 percent, compared with the same period last year, the company said. Its research into "stealth techniques" also covered cloaking technology bundled with commercial programs, such as Sony BMG's antipiracy tool, and with potentially unwanted software such as adware.
In the first quarter alone, the Avert Labs found more than 827 stealth techniques. That contrasts with about 70 found in the same period in 2005 and with approximately 769 for the whole year.
"This trend in malware evolution is creating hardier and ever more virulent strains of malware that will continue to threaten businesses and consumers alike," Stuart McClure, McAfee Senior Vice President of Global Threats, said in a statement.
An "open-source environment" for development of stealth code among hackers is driving this rapid growth, McAfee said. Collaborative web sites and blogs contain hundreds of lines of rootkit code for recompiling and enhancing the technology, along with rootkit binary executables, McAfee said.
As a result, attackers have an easier time creating ways to hide their malicious files, processes and registry keys without extensive knowledge of the targeted operating system.
During the first quarter, 612 stealth components were submitted to Avert Labs, compared with 60 in the same period last year, the report noted. The first-quarter figure was also nearly equal to that for all of 2005.
Microsoft's Windows is the main target of malicious rootkits because of its high level of use, but many undocumented application programming interfaces (APIs) are also targets, according to McAfee.
In forecasting the growth of rootkits, McAfee noted that a widespread adoption of Microsoft's Vista may decrease Windows-related attacks, but that won't be in the near future.
"We can predict that, in the coming two or three years, the growth of rootkits for the current Windows architecture will reach an annual rate of at least 650 percent," the report stated.
To read the entire PDF report from McAfee click here.
In the first quarter alone, the Avert Labs found more than 827 stealth techniques. That contrasts with about 70 found in the same period in 2005 and with approximately 769 for the whole year.
"This trend in malware evolution is creating hardier and ever more virulent strains of malware that will continue to threaten businesses and consumers alike," Stuart McClure, McAfee Senior Vice President of Global Threats, said in a statement.
An "open-source environment" for development of stealth code among hackers is driving this rapid growth, McAfee said. Collaborative web sites and blogs contain hundreds of lines of rootkit code for recompiling and enhancing the technology, along with rootkit binary executables, McAfee said.
As a result, attackers have an easier time creating ways to hide their malicious files, processes and registry keys without extensive knowledge of the targeted operating system.
During the first quarter, 612 stealth components were submitted to Avert Labs, compared with 60 in the same period last year, the report noted. The first-quarter figure was also nearly equal to that for all of 2005.
Microsoft's Windows is the main target of malicious rootkits because of its high level of use, but many undocumented application programming interfaces (APIs) are also targets, according to McAfee.
In forecasting the growth of rootkits, McAfee noted that a widespread adoption of Microsoft's Vista may decrease Windows-related attacks, but that won't be in the near future.
"We can predict that, in the coming two or three years, the growth of rootkits for the current Windows architecture will reach an annual rate of at least 650 percent," the report stated.
To read the entire PDF report from McAfee click here.
