Malware researchers at Prevx have highlighted what they are calling a ‘massive growth’ in the number of PCs harboring rootkit infections. More than 725,000 PCs were scanned using the Prevx CSI malware scanner over a two-month period. Of the around 291,000 users who scanned their PCs during October 2007, some form of spyware or malware was found on one in six. Significantly, although rootkits were detected on 15.6% of PCs during October 2007, that figure had risen to 22% by early December. Rootkits are often ‘dropped’ or buried by other infections. They then modify a PC’s operating system to hide themselves from both the user and any security products installed on the computer. By so doing rootkits can allow criminals to remotely monitor, record, modify, steal and transfer data from the victim’s PC.

Some rootkits are undetectable by conventional antivirus and antispyware applications. A tech-savvy user may believe his or her computer is ‘clean’, and unwittingly pass on increasingly valuable personal and financial data. Since 1 December 2007, 114,891 new users have run Prevx CSI with rootkit-detection features enabled. Of those PCs, 1,678 had what Prevx describes as ‘significant rootkit infections’. That equates to 1.46% or approximately one in 70 systems, which is almost 15 times higher than the one in 1,000 rootkit-infected PCs previously estimated by industry experts. These botnets counting hundreds of thousands PCs have to work with something, right?

Source: PC World