Beware the Rootbot

By Derek Sooman on May 18, 2005, 11:38 AM
The evils of rootkits seem to be spreading to other forms of malicious code, including viruses and bots. There is emerging evidence of the springing into existence of Rootbots - stealthy bots that use tricks learned from rootkits to avoid detection and to cause damage.

Mutating from the open-source rootkit FU, many new versions of a malicious bot called Rbot have appeared, utilising strategies employed by rootkits to evade detection. Rbot can, for example, hide itself from Windows task manager, or make itself invisible in other ways. This is causing great concern, even although it appears to have been the work of script kiddies.

The integration of FU with Rbot is crude and was probably done by an inexperienced hacker, or "script kiddie," who lifted the code wholesale from the FU source code, which was posted on the Internet by the rootkit's author, Jamie Butler (aka "Fuzen") as a proof of concept.




Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.