Chinese state hackers use rootkit to hide ToneShell malware activity

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.
Indiatimes

Explainer: What is rootkit malware and how to remove it from Windows PC and Mac

Rootkits are powerful malware, actually a bunch of them together, that even your antivirus may find it hard to detect and remove from your system. Rootkits can be manually put inside the system with ...
Hackaday

Hard Drive Rootkit Is Frighteningly Persistent

There are a lot of malware programs in the wild today, but luckily we have methods of detecting and removing them. Antivirus is an old standby, and if that fails you can always just reformat the hard ...
Bleeping Computer

How to use Malwarebytes Anti-Rootkit to remove rootkits from a Computer

In the past malware infections typically consisted of worms, trojans, backdoors, and viruses that were easily detected, and for the most part, removed. To make an anti-virus program's job more ...
eWeek

Researchers: Blue Pill Rootkit Detectable

Dr. Chris Hillman, Global AI Lead at Teradata, joins eSpeaks to explore why open data ecosystems are becoming essential for enterprise AI success. In this episode, he breaks down how openness — in ...
ZDNet

Trend Micro ships free 'rootkit buster'

Trend Micro has quietly released a rootkit scanning/cleaning utility, belatedly joining the list of anti-vendors pushing out free standalone tools to nab the stealthy computer threats. Trend Micro's ...
eWeek

Malicious Bots Hide Using Rootkit Code

Dr. Chris Hillman, Global AI Lead at Teradata, joins eSpeaks to explore why open data ecosystems are becoming essential for enterprise AI success. In this episode, he breaks down how openness — in ...
Infosecurity-magazine.com

New Syslogk Linux Kernel Rootkit Uses "Magic Packets" to Trigger Remote Backdoor Access

A new Linux kernel rootkit dubbed ‘syslogk’ has been spotted in the wild by Avast cybersecurity researchers. According to an advisory by David Álvarez and Jan Neduchal, syslogk would be able to cloak ...
Hosted on MSN

SonicWall releases rootkit-busting firmware update following wave of attacks

SonicWall on Monday released a firmware update that the security vendor says will remove rootkit malware deployed in recent attacks targeting Secure Mobile Access (SMA) 100 appliances.… The update ...
WeLiveSecurity

Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication

The mysterious Avatar rootkit, detected by ESET as Win32/Rootkit.Avatar, appears to reflect a heavy investment in code development, with an API and a SDK available, plus an interesting abuse of Yahoo ...
TechCrunch

Scranos, a new rootkit malware, steals passwords and pushes YouTube clicks

Security researchers have discovered an unusual new malware that steals user passwords and account payment methods stored in a victim’s browser — and also silently pushes up YouTube subscribers and ...
Ars Technica

Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us

Researchers have unpacked a major cybersecurity find—a malicious UEFI-based rootkit used in the wild since 2016 to ensure computers remained infected even if an operating system is reinstalled or a ...