Hackers turn to root kits for web attacks

Security experts at Microsoft today warned of the danger posed by internet root kits which are increasingly being used by hackers in preference to traditional malware such as Trojans.

A root kit is a specially formulated piece of malware that gives a hacker full administrator rights to an infected PC, allowing them to change and copy data at will.

They are typically embedded in web pages from where they can be downloaded by unwitting surfers through improperly patched browsers.

"In our top 10 of malicious software, traditional worm viruses only take two out of the top 10 spots," said Mario Juarez, product manager for Microsoft's Security Business and Technology unit.

"But root kits are a growing problem. What is particularly worrying is how hard they are to get rid of; 57 per cent of reported duplicate deletions (where the same machine has to be cleaned twice) come from root kit re-infection."

Root kits are typically used by spyware manufacturers, since they are designed to be difficult to spot yet give the hacker high levels of control over infected PCs.

Security firm F-Secure warned in May that the popular hacking program RBot was using root kits, and Juarez warned they are becoming much more popular.