Panda Software has revealed that the newly found versions of the Bagle worm are employing rootkit technology to hide their activities. Indeed, it’s expected that rootkits may well wind up becoming commonly used tools for cyber criminals in the near future. The Bagle versions carrying rootkits are Bagle HX, Bagle HY and Bagle HZ. Using rootkit tech, these worms can do some really neat tricks like hiding objects, such as processes, files or Windows Registry entries, and can download files from different Internet addresses. They are also capable of disabling security tools like antivirus and firewall programs. This represents a huge security threat to the average Internet user.
Luis Corrons, director of Panda Labs, said that the creation and sale of rootkits in fact already has become a "real" business model for malware authors. Due to their capacity to slip past traditional security solutions and their versatility to hide on the system and carry out all types of malicious actions, rootkits have become an opportune tool for cyber criminals looking to earn them high profits," he was quoted in a prepared statement. "For this reason, it is highly probable that rootkits will become one of the main threats of the Internet."