What is the Difference Between a Rootkit and Malware?
In the world of computing, the terms "rootkit" and "malware" have become synonymous to many people. To place a blanket label on all rootkits as being malware would be a mistake, however. Although it is true that rootkit and malware software travel in many of the same circles and many rootkits are malware, some rootkits are used for beneficial purposes as well, which can be the main difference between them.
Rootkits and malware differ in the fact that rootkits are capable of gaining access to the root of a computer system without making themselves noticeable through a user interface. They can be used by security software to prevent attacks by malicious users and detect attacks in progress. Rootkits can also be used to speed up functions on a computer by allowing programs to work in the background without user interaction.
In some cases, rootkits can also be used to protect computer systems from theft. When this particular rootkit type is installed, the computer will periodically check into a home server and relay information about its present location. If a computer is ever stolen and then connected to the Internet, the rootkit will essentially phone home with the machine's whereabouts, and the stolen system can be recovered or locked to prevent access by the thief.
Some rootkits are also installed by the actual computer user for their own benefit. Game cheats and emulation software are common examples of this type of rootkit software. By using this type of rootkit software, the user is able to enhance his or her online gaming experience or emulate other system types and bypass copyright protections.
Malware is used by malicious individuals to subvert operating system security settings and gain access to a remote computer. After these people have access to a remote system, it is possible for them to access private files containing information such as credit cards, banking information or passwords. Malware can also be used to destroy system files, erase data or turn a remote computer into a "zombie," a machine that is then used to infect other computer systems or take part in denial of service attacks.
When rootkit and malware software are combined as a package, the malware is capable of hiding deep in the root of the computer system. These programs are able to gain root-level access and run programs within privileged computer access settings to have complete access to the system. With this level of access, the rootkit and malware are able to steal important data and send it to a remote user. This makes rootkit and malware combinations one of the most dangerous forms of malware on the Internet.
Discuss this Article
Post your comments