77% of rootkits are used for espionage purposes

2021-11-05 05:30

The study finds that the majority of rootkits are used by APT groups or financially motivated criminals whose payouts exceed the costs, the most commonly targeted are government and research institutes, and 77% of rootkits are used by cybercriminals for espionage purposes.

Positive Technologies carried out a large-scale study of rootkits used by hacker groups over the past decade, starting in 2011.

The results show that in 44% of cases, cybercriminals used rootkits to attack government agencies.

Slightly less frequently, rootkits were used to attack research institutes.

"Rootkits, especially ones that operate in kernel mode, are very difficult to develop, so they are deployed either by sophisticated APT groups that have the skills to develop these tools, or by groups with the financial means to buy rootkits on the gray market," explains Yana Yurakova, a security analyst at Positive Technologies.

Researchers believe rootkits will continue to be developed and used by cybercriminals, and in fact, PT ESC specialists have identified the emergence of new versions of rootkits, indicating that attackers continue to invent new techniques to bypass protection.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/1bHUitJebxc/

#espionage