Hacktool.Rootkit

Hacktool.Rootkit comprises a set of programs and scripts that work together to allow attackers to break into a system. If Hacktool.Rootkit is detected on a system, it is very likely that an attacker has gained complete control of that system. All files that are detected as Hacktool.Rootkit should be deleted. Infected systems may need to be restored from backups or patched to restore security.



Rootkits first appeared on the UNIX operating system. Administrator/Superuser accounts on UNIX systems are called root. Rootkits are kits of programs that are designed to gain root access on a system. The term rootkit now refers to any set of tools that can be used to gain unauthorized access to a system.

Protection

• Initial Rapid Release version 27 September 2001
• Latest Rapid Release version 23 November 2009 revision 033
• Initial Daily Certified version 27 September 2001 revision 007
• Latest Daily Certified version 23 November 2009 revision 023
• Initial Weekly Certified release date 27 September 2001

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

• Wild Level: Medium
• Number of Infections: More than 1000
• Number of Sites: More than 10
• Geographical Distribution: Low
• Threat Containment: Easy
• Removal: Moderate

Damage

• Damage Level: Medium

Distribution

• Distribution Level: Low