Rootkits storm malware chart

Rootkits have become a mainstream phenomenon since the Sony BMG debacle

The most common rootkit is a spyware application known as Apropos, according to data collected by security experts at F-Secure.  

Apropos collects system information and data on a user's browsing habits and sends the information back to the application's creators.

It is also capable of recording keystrokes and launching a denial of service attack, and can download and install additional software on an infected computer.

Rootkits have become a mainstream phenomenon ever since Sony BMG was caught bundling one as part of the XCP anti-piracy technology on some of its audio CDs.

Sony used a rootkit to hide the technology, preventing users from uninstalling the application.

Hackers originally started using rootkits to build backdoors into computers, but the technology has caught a second wind in recent months as malware creators use rootkits to hide worms and spyware from antivirus and anti-spyware software.

In F-Secure's ranking Apropos surpassed the Sony BMG rootkit in the number of infections.

The open source FU rookit is another widespread example. The tool is popular because of its ease of use, security researcher Mika Tolvanen wrote on F-Secure's blog. 

But the tool is lacking in sophistication, hiding processes from the task manager in Windows but not the actual files.

Hacker Defender, however, is considered one of the more nefarious rootkits. Specialised rootkit creators offer custom versions of the tool for sale, making it hard to detect. 

Hacker Defender is therefore a popular rootkit for online criminals targeting corporate servers, where they can expect to find valuable data such as trade secrets or customer information including credit card numbers.

• The wise man's guide to Christmas shopping
• Win a trip to Las Vegas!