Premium Resources

Rootkits, Spyware and Ransomware


A rootkit is a collection of malicious computer software created to get access to a target computer and often hides its existence or the existence of other software. The term rootkit is a concatenation of “root” (the privileged account on Unix-like operating systems) and the word “kit” (which refers to the software components that implement the tool).

A rootkit can be installed by an attacker directly or remotely by exploiting a known vulnerability. Once installed, it hides and runs with administrator privilege. Rootkit detection is difficult because a rootkit intercepts operating system calls by antivirus and return a good version of the software. It either duplicates or replaces OS system files making it difficult to detect it.

Methods of Detection:

  • Behavioural-based methods

  • signature scanning,

  • Integrity scanning by taking snapshots

  • Memory dump analysis.

The usual solution is to reinstall the operating system.

When dealing with firmware rootkits, removal may require hardware replacement or specialized equipment.


This malware when installed on the target, monitor the Target for every action and report to the remote attacker. Cookie stealing, Password stealing, identity theft, information theft are few attacks which are common using spyware


These are malicious software which restricts access to computer system files and folders asking for an online ransom amount to remove the restrictions.

Usually, they encrypt the data, making the user pay them a huge ransom to get the decrypted data.


PMI®, PMBOK®, PMP® and PMI-ACP® are registered marks of the Project Management Institute, Inc.

The Swirl logo™ is a trade mark of AXELOS Limited.

ITIL® is a registered trade mark of AXELOS Limited, used under permission of AXELOS Limited. All rights reserved.

PRINCE2® is a registered trade mark of AXELOS Limited, used under permission of AXELOS Limited. All rights reserved.

IASSC® is a registered trade mark of International Association for Six Sigma Certification.

Certified ScrumMaster® (CSM) is a registered trade mark of SCRUM ALLIANCE®

CISSP® is a registered mark of The International Information Systems Security Certification Consortium (ISC)2.

CCNA® is a trademark of Cisco.

Microsoft and MS Project are the registered trademarks of the Microsoft Corporation.

SAP Trademark(s) is/are the trademark(s) or registered trademark(s) of SAP SE in Germany.