Hackers are back in fashion and can steal for years

Rootkits are used by hackers to embed persistent, seemingly undetectable malware on your device that quietly steals data or resources, sometimes over several years. They can also be used keylogger-style, monitoring your keystrokes and communications and providing the onlooker with privacy information.

This particular hacking method was more relevant before 2006, before Microsoft Vista required vendors to digitally sign all computer drivers. Kernel Patch Protection (KPP) caused malware writers to change their attack methods, and it wasn’t until 2018’s Zacinlo ad fraud operation that rootkits came back into the spotlight.

The rootkits prior to 2006 were all specifically based on operating systems. The Zacinlo case, a rootkit from the Detrahere malware family, gave us something even more dangerous in the form of a firmware-based rootkit. Regardless, rootkits only make up about one percent of all malware output seen each year.