ITBusiness.ca

Security experts warn of massive rootkit infection

Malware researchers at Prevx have highlighted what they are calling a ‘massive growth’ in the number of PCs harboring rootkit infections.

More than 725,000 PCs were scanned using the Prevx CSI malware scanner over a two-month period. Of the roughly 291,000 users who scanned their PCs during October 2007, one in six had some form of spyware or malware.

Significantly, although rootkits were detected on 15.6% of PCs during October 2007, that figure had risen to 22% by early December.

According to Prevx’s Jacques Erasmus: “The rise of the rootkits has begun.”

Rootkits are often ‘dropped’ or buried by other infections. They then modify a PC’s operating system to hide themselves from both the user and any security products installed on the computer. By doing so, rootkits can allow criminals to remotely monitor, record, modify, steal and transfer data from the victim’s PC.

Some rootkits are undetectable by conventional antivirus and antispyware applications. A tech-savvy user may believe his or her computer is ‘clean’, and unwittingly pass on increasingly valuable personal and financial data.

Since 1 December 2007, 114,891 new users have run Prevx CSI with rootkit-detection features enabled. Of those PCs, 1,678 had what Prevx describes as ‘significant rootkit infections’. That equates to 1.46% or approximately one in 70 systems, which is almost 15 times higher than the one in 1,000 rootkit-infected PCs previously estimated by industry experts.

In the first nine days of this month alone, 93 companies used the free Business scan feature of Prevx CSI. Of these companies, 68 had one or more infected PCs. Thirteen companies, or 14%, had one or more PCs harboring rootkit infections.

These stats don’t take into account the fact that users who scan their PCs are more likely to have concerns about infections.

“Consumers and businesses have a significant new threat to security and privacy to worry about,” said Erasmus.

“Rootkits are often undetectable and extremely difficult to remove. Both detection and removal are well beyond the capabilities of traditional antivirus, antispyware and internet security suites,” he added.

Comment: edit@itworldcanada.com
