Why are RootKits so dangerous?
A rootkit's main form of attack is stealth. It will hide away, deep in the recesses of your computer. Because rootkits have administrator-level access, they can do things like hijack your Windows searches and hide any information about the RootKit, control your Anti-Virus software and tell it to ignore the RootKit, and hide from the list of active processes. And a whole lot more besides!
The most famous RootKit was one that was installed by some Sony audio CDs. Sony hid a RootKit on people’s computers as part of its Digital Rights Management strategy. This gave them effective control of a user’s PC. A security expert called Mark Russinovich (of Sysinternals) discovered the Sony RootKit, and it made the news the world over. Sony had to issue a download so that people could get the RootKit off their computers. They also recalled all the music CDs that had the RootKit software.
It’s the fact that RootKits are so difficult to detect that makes them dangerous.