SANTA CLARA, Calif., April 18 /PRNewswire-FirstCall/ McAfee, Inc. (NYSE: MFE) today announced the availability of Rootkits Part 2: A Technical Primer, a whitepaper designed to help IT security professionals better understand the technologies that make stealth possible on the Microsoft Windows platform. The whitepaper is part two in a series on rootkits, and is available for download through the McAfee® Threat Center: http://www.mcafee.com/us/threat_center/default.asp.
Rootkits a term commonly used to describe malware such as Trojans, worms and viruses actively conceal their existence and actions from users and other system processes. Because rootkits use technologies to hide any trace of intrusion, the term rootkit is associated with the term "stealth."
Rootkits Part 2: A Technical Primer examines the basic security architecture of Windows and explores several methods used by malware authors to hide files, processes and registry keys. McAfee's findings suggest that these new techniques will continue to challenge the security community, as hackers create stronger and more virulent strains of malware that will prove difficult to detect and delete.
"The number of rootkits submitted to McAfee Avert® Labs in the first quarter of 2007, compared to the first quarter of 2006, has decreased by 15 percent demonstrating that we are getting better at capturing existing families and existing techniques," said Jeff Green, senior vice president, McAfee Avert Labs. "Rootkit techniques, which were new in the first quarter of 2006, basically included Trojans that were trying to incorporate rootkit behavior. Now we see more samples from existing rootkit families, whereas new families that employ rootkit techniques have slowed down."
Over the past five years, McAfee has seen a significant increase in the number of Windows-based stealth components. Only 27 rootkit components existed in 2001, and today almost 2400 rootkit component were found in 2006. McAfee Avert Labs expects to see more than 2,000 Windows-based stealth components by the end of 2007, demonstrating that these technologies are here to stay.
McAfee Avert Labs maintains a top-ranked global security threat and research organization, employing researchers in sixteen countries around the globe. The Labs combine world-class malicious code and anti-virus research with intrusion prevention and vulnerability research expertise.
McAfee, Inc., is the leading dedicated security technology company. Headquartered in Santa Clara, California, McAfee delivers proactive and proven solutions and services that secure systems and networks around the world. With its unmatched security expertise and commitment to innovation, McAfee empowers home users, businesses, the public sector and service providers with the ability to block attacks, prevent disruptions, and continuously track and improve their security. http://www.mcafee.com.
NOTE: McAfee and Avert are registered trademarks of McAfee, Inc. and/or its affiliates in the United States and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.
SOURCE McAfee, Inc.