Casbay Knowledge Base

SECURITY TIPS: RootKit Trojan

Last modified: October 1, 2022

Tips RootKit Trojan – Scanning & Prevention

Dear valued customers,

Our security team has reported that some VPS and dedicated servers have been infected with a RootKit Trojan.
We would therefore like to take this chance to remind all owners of dedicated and VPS servers to be vigilant and to keep RootKit Trojans off their servers.

Scanner Tools for RootKit Trojan
a) rkHunter – rootkit scanner
b) chkrootkit – another rootkit scanner
c) clamav – anti-virus scanner
rpm based installer
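
One way to run the three scanners listed above and pull out the lines that need review. This is an added example, not Casbay's own tooling; the function names, the `/home` default target and the sample output are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Assumed finding markers: chkrootkit "INFECTED",
# clamscan "<path>: <signature> FOUND", rkhunter "Warning:" (what --rwo prints).

# Print only the lines of scanner output (stdin) that flag a finding.
filter_findings() {
    grep -E 'INFECTED|: .* FOUND$|^Warning:' || true
}

# Count the flagged lines in scanner output read from stdin.
count_findings() {
    filter_findings | wc -l | tr -d ' '
}

# Run whichever scanners are installed (as root) and print flagged lines.
# Returns 0 when nothing was flagged, 1 otherwise.
scan_host() {
    target="${1:-/home}"   # clamscan target; hypothetical default, adjust per host
    out="$(mktemp)" || return 2
    # Scanners exit non-zero on findings, so their status is ignored here.
    if command -v rkhunter >/dev/null 2>&1; then
        rkhunter --check --sk --rwo >>"$out" 2>&1 || true
    fi
    if command -v chkrootkit >/dev/null 2>&1; then
        chkrootkit -q >>"$out" 2>&1 || true
    fi
    if command -v clamscan >/dev/null 2>&1; then
        clamscan -r -i "$target" >>"$out" 2>&1 || true
    fi
    filter_findings <"$out"
    n="$(count_findings <"$out")"
    rm -f "$out"
    [ "$n" -eq 0 ]
}

# Constructed sample output (not from a real host) for checking the filter.
sample_output() {
    cat <<'EOF'
Checking `bindshell'... INFECTED (PORTS:  465)
Checking `ls'... not infected
Warning: Hidden directory found: /dev/.udev
/home/user/upload/shell.php: Php.Trojan.Sample FOUND
Infected files: 1
EOF
}

if [ "${1:-}" = "--scan" ]; then
    scan_host "${2:-/home}"
fi
```

Run it as root with `--scan /path/to/check`. A flagged line is a lead to verify by hand, since these scanners are known to produce false positives.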

If you need any further assistance, please contact us again.

In case you are wondering:

What is a Rootkit?

A rootkit is an application, or set of applications, that conceals its presence, or the presence of another application such as adware or spyware, on a device. Rootkits hide by using some of the lower layers of the operating system, including API function redirection or undocumented OS functions. This makes them almost impossible to detect with common anti-malware software.

Have you ever wondered where the term “rootkit” comes from? In Unix and Linux operating systems (OS), the system administrator uses an all-powerful account with full privileges and unrestricted access (similar to the administrator account in Windows). This account is called “root”. The applications that allow unauthorized root/admin-level access to the device and its restricted areas are referred to as the “kit”.

Put the two together and you get “rootkit”. In other words, a rootkit is a program that gives someone, with legitimate or malicious intent, privileged access to a computer or mobile device. Through this, the person can control the device remotely without the owner’s knowledge or consent.

Unfortunately, rootkits create unauthorized access to computers. They help cybercriminals steal personal data and financial information, install malware, or use computers as part of a botnet to circulate spam and participate in DDoS (distributed denial-of-service) attacks.

Lastly, imagine a burglar who wants to break in and steal from your home. They often dress in black to blend into the darkness and move quietly. However, unlike the thief who takes something and leaves immediately, a rootkit sticks around in your computer. Over time, it will rob your data or manipulate what’s inside the computer.
