Glendale (CA) - Anti-virus specialist Panda Software today said that newly found versions of the Bagle worm use rootkits to hide its activities on an infected computer. The firm expects that rootkits may become a widely used tool for cyber criminals in the near future.
According to Panda, the Bagle versions carrying rootkits are Bagle HX, Bagle HY and Bagle HZ. Using a rootkit approach, which typically are designed to hide objects, such as processes, files or Windows Registry entries, are trying to "download files from different Internet addresses" and to "disable a large number of services belonging to security tools, such as antivirus and firewall programs, among others."
Luis Corrons, director of Panda Labs, said that the creation and sale of rootkits in fact already has become a "real" business model for malware authors. Due to their capacity to slip past traditional security solutions and their versatility to hide on the system and carry out all types of malicious actions, rootkits have become an opportune tool for cyber criminals looking to earn them high profits," he was quoted in a prepared statement. "For this reason, it is highly probable that rootkits will become one of the main threats of the Internet."
