CA has retrieved samples of Cool Web Search from the Internet with the rootkit features built in, but says the features are not as sophisticated as those found in so-called kernel rootkits, which replace parts of Windows' core processor with their own code, allowing the rootkit to be almost completely invisible to users and to many detection tools, Thompson said.
"The stuff I've seen is probably homegrown, but most of this [rootkit] stuff is open source, so it's easy to borrow a bit from here and a bit from there," he said. Cool Web Search is a ubiquitous piece of malicious code that is the most prevalent breed of spyware on the Internet, according to Webroot.