A rootkit is a piece of software that hides programs or processes running on a computer.

Malware frequently installs rootkits upon infection to hide its activity. A rootkit can hide keystroke loggers or password sniffers, which capture confidential information and send it to hackers via the Internet. It can also allow hackers to use the computer for illicit purposes (e.g., to launch a denial-of-service attack against other computers, or send out spam email) without the user’s knowledge.

Endpoint security products now detect and remove rootkits as part of their standard anti-malware routines. However, some rootkits may require a more comprehensive mitigation strategy.
