Panda discovers rootkit functions in new Bagle worm variants

Glendale (CA) - Anti-virus specialist Panda Software today said that newly found versions of the Bagle worm use rootkits to hide their activities on an infected computer. The firm expects that rootkits may become a widely used tool for cyber criminals in the near future.

According to Panda, the Bagle versions carrying rootkits are Bagle HX, Bagle HY and Bagle HZ. Using rootkits, which are typically designed to hide objects such as processes, files or Windows Registry entries, the variants try to "download files from different Internet addresses" and to "disable a large number of services belonging to security tools, such as antivirus and firewall programs, among others."

Luis Corrons, director of Panda Labs, said that the creation and sale of rootkits has in fact already become a "real" business model for malware authors. "Due to their capacity to slip past traditional security solutions and their versatility to hide on the system and carry out all types of malicious actions, rootkits have become an opportune tool for cyber criminals looking to earn them high profits," he was quoted as saying in a prepared statement. "For this reason, it is highly probable that rootkits will become one of the main threats of the Internet."
