PandaLabs detected 272 percent more malicious rootkits in 2007 than in 2006. Programmes designed to hide certain objects and
processes, rootkits are used by cyber-crooks to hide the processes of malicious codes, making them invisible to security solutions and the operating process.
“Nowadays, hackers are no longer after notoriety; they simply seek to benefit financially from their activity,” explains Jeremy
Matthews, head of Panda Security’s sub-Saharan operations. “To achieve this, it is essential that their actions can go undetected,
as in this way they can increase the time that malicious code remains on a PC. It also prevents widespread alarm and causes users to drop their guard. Rootkits are therefore the ideal tool.”
Rootkits are continually evolving. PandaLabs has recently detected rootkits designed to replace the computer’s master boot record
(MBR) “ the first or zero sector of the hard disk ” for one of its own. This is something of a revolution in the use of rootkits,
making it even more difficult to detect the associated malicious code.
Fortunately there is hope in sight as PandaLabs has been able to detect so many rootkits through the development of an innovative security model called “collective intelligence”. This system is based on the collection of information concerning malware from the Internet community and the automated processing of this data in new
data centers. The data is correlated and leveraged to offer greater detection and improved security for Panda clients.
“Thanks to collective intelligence, we can detect much more malware in much less time,” says Matthews. “Bearing in mind that more than 3,000 new strains of malware appear every day, this model has allowed us to offer better security to our clients.”