A rootkit is a set of software tools, usually malicious in design, which enable unauthorised access to a computer or areas of its software.
Unauthorised access to a computer is usually achieved without the user noticing, as the rootkit often masks its existence or the presence of other software.
The term rootkit combines ‘root’, the traditional name of the privileged account on Unix-like operating systems, and ‘kit’, which denotes the software components that implement the tool.
Rootkits can be installed on a targeted system in one of two ways: through an automated installation, or manually by the hacker after gaining root or Administrator access.
This access can be achieved in a number of ways, such as exploiting a known vulnerability or using social engineering to obtain a password.
It is often quite difficult to detect a rootkit, as it may be able to subvert the software which is normally used to find such malicious software.
Rootkits can provide hackers with a backdoor into systems so that they can steal or falsify documents. Rootkits can also be used to conceal other malware and to turn the targeted system into a zombie computer for attacks on other machines.