Tonmoy Evan
Rootkit 2021

What is Rootkit 2021?

Written for awareness and educational purposes
A computer may harbour a type of malware called Rootkit 2021, and the computer itself will not be aware of its presence. And once a rootkit has got into a computer, it is almost impossible to guarantee that Rootkit 2021 can be removed from it.
Definition of Rootkit 2021
First, one question: do you consider the audio and video files on your computer safe? I do not consider them 100% safe; at most 99%. There are good reasons for this. For example, every file begins with a part called the header, which identifies the file. So suppose I upload a file to a website whose header is a PDF header, but whose data is malicious code that I have written instead. Then, if certain conditions are met, this "PDF" turns into malware.
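The header-versus-content mismatch described above can be checked mechanically. The following is an added example (not code from the original post): it compares a file's claimed extension with its magic bytes and, for PDFs, also looks for a trailer and for name objects that introduce active content. The signature table and the three sample files are constructed for the example.

```python
# Signatures for a few common formats (real signatures; the small table is constructed here)
MAGIC = {
    "pdf": b"%PDF-",
    "png": b"\x89PNG\r\n\x1a\n",
    "exe": b"MZ",
}

# PDF name objects that introduce active content; a reason to look closer, not proof of malice
RISKY_PDF_NAMES = (b"/JavaScript", b"/JS", b"/Launch", b"/OpenAction", b"/EmbeddedFile")


def inspect_file(data: bytes, claimed_ext: str) -> dict:
    """Compare what a file claims to be (its extension) with what its bytes say."""
    ext = claimed_ext.lower().lstrip(".")
    expected = MAGIC.get(ext)
    header_ok = expected is not None and data.startswith(expected)

    # Which known signature do the bytes actually carry?
    actual = next((k for k, m in MAGIC.items() if data.startswith(m)), None)

    findings = []
    if expected is None:
        findings.append(f"no known signature for .{ext}")
    elif not header_ok:
        findings.append(f"claims .{ext} but bytes look like {actual or 'unknown'}")

    if actual == "pdf":
        # A well-formed PDF ends with an %%EOF marker; a bare header with arbitrary data does not
        if b"%%EOF" not in data[-1024:]:
            findings.append("PDF header present but no %%EOF trailer")
        # Valid header plus active content: the case the text describes
        for name in RISKY_PDF_NAMES:
            if name in data:
                findings.append(f"PDF contains {name.decode()}")

    return {"claimed": ext, "actual": actual, "header_ok": header_ok,
            "findings": findings, "suspicious": bool(findings)}


# Constructed samples: a minimal clean PDF, an executable renamed to .pdf, and a
# PDF whose header is valid but whose body carries an auto-run JavaScript action
CLEAN_PDF = b"%PDF-1.4\n1 0 obj<</Type/Catalog>>endobj\ntrailer<</Root 1 0 R>>\n%%EOF\n"
RENAMED_EXE = b"MZ\x90\x00" + b"\x00" * 60 + b"this is really a Windows executable"
ACTIVE_PDF = (b"%PDF-1.4\n1 0 obj<</Type/Catalog/OpenAction 2 0 R>>endobj\n"
              b"2 0 obj<</S/JavaScript/JS(placeholder)>>endobj\n%%EOF\n")
```

A hit on the active-content list is a prompt to open the file in a sandbox or viewer with scripting disabled, not a verdict on its own.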
Now to the main discussion: what is the definition of Rootkit 2021? See, all of a computer's work is done through the operating system. And before the operating system uses the hardware it constantly relies on, a check is made: does the person using the computer (the user) have the privilege, or authority, to use that hardware? Take a Windows computer as an example. When you want to install something, you have to "run as administrator", because as a normal user you cannot do it.
So checking sensitive matters like this (IOPL, for instance) is the job of the computer's kernel. But the kernel is a program with many components. So if someone obtains kernel-level privilege on your computer and adds a malicious program there (ring 0) as a kernel driver, many anti-virus products will not be able to detect it, because many anti-virus products do not scan kernel drivers. In addition, someone else's certificate can be used for the driver; in particular, when Windows verifies whether a driver may be used on the computer, it (as far as I know – Mamun) does not pay attention to that driver's certificate.
So, from the discussion above, Rootkit 2021 is a piece of malware:

1. that runs with kernel-level privilege, although on certain operating systems it can also be at the software (user) level;
2. that keeps working even after the computer restarts.

Now many will ask: "How could a person get a rootkit into my computer?" See, on a Linux computer one would have to edit the file /etc/sudoers to take privilege, or authority, and for that the password must be known. But on a Windows computer, running a .bat or .exe file as administrator easily gives it permission over system files. As a result, a person can do this on your computer in a very short time.

Again, with direct access to your computer, it is possible on Windows to rename sethc.exe, change the user's password and log in. And after that, through regedit, the value of a key under CurrentControlSet in HKEY_LOCAL_MACHINE can be changed to create a backdoor as a rootkit. However, I will not describe the whole procedure, as that would go against Facebook's policy.

Anyway, once Rootkit 2021 has entered the computer, it only needs the internet: your computer connects to that person's computer and is able to act on his commands. But your computer will not even be able to tell that this is malware, because Rootkit 2021 has by now become part of the operating system itself.
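The "connect to that person's computer and wait for commands" behaviour has a network footprint even when the infected operating system hides the process: an implant that polls its controller does so on a timer, so the gaps between its connections are far more regular than ordinary browsing. The following is an added example (not from the original post) that flags such flows in a connection log; the log format and its contents are constructed for the example.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed connection log (not real traffic): "epoch_seconds src_ip dst_ip:port bytes_out".
# 203.0.113.7 is contacted exactly every 60 s with a near-constant payload size;
# 198.51.100.9 shows the irregular pattern of ordinary browsing.
SAMPLE_LOG = """\
1000 10.0.0.5 203.0.113.7:443 512
1030 10.0.0.5 198.51.100.9:443 4096
1060 10.0.0.5 203.0.113.7:443 520
1120 10.0.0.5 203.0.113.7:443 515
1180 10.0.0.5 203.0.113.7:443 511
1240 10.0.0.5 203.0.113.7:443 518
1255 10.0.0.5 198.51.100.9:443 70231
1300 10.0.0.5 203.0.113.7:443 514
1900 10.0.0.5 198.51.100.9:443 2048
"""


def parse_log(text: str) -> dict:
    """Group connection timestamps by (source, destination) flow."""
    flows = defaultdict(list)
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, _size = line.split()
        flows[(src, dst)].append(int(ts))
    return flows


def find_beacons(text: str, min_count: int = 5, max_cv: float = 0.1) -> list:
    """Return (src, dst, mean_gap, cv) for flows whose connection spacing is near-constant."""
    hits = []
    for (src, dst), stamps in parse_log(text).items():
        if len(stamps) < min_count:      # too few samples to judge regularity
            continue
        stamps.sort()
        gaps = [later - earlier for earlier, later in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        # Coefficient of variation: 0 is perfectly regular; max_cv tolerates some jitter
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            hits.append((src, dst, avg, cv))
    return hits
```

Capture the log on a separate device (a router, mirror port or gateway), since, as the text says, the infected machine itself cannot be trusted to report its own activity.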

How to identify?

As I said at the beginning: once Rootkit 2021 has entered a computer, it is almost impossible to guarantee that the rootkit can be removed from it. That is, even after a hundred attempts, the doubt remains whether Rootkit 2021 is still there. Because the rootkit may be sitting in the firmware of your computer's hard disk, or in the BIOS! Even so, you can boot a malware-free operating system live from a USB pen drive and compare it with the rootkit-infected operating system to see whether there are any differences. In addition, a lot can be inferred by analysing the traffic that goes back and forth between the computer and the internet, although many would advise disconnecting the rootkit-infected computer from the internet. Still, analysing the internet traffic gives a chance of identifying the culprit. But a very skilled hacker is a different matter. In reality there are many hackers whom even intelligence agencies with budgets of billions of dollars have not been able to find. And the big hackers will try to attack with rootkits. So, beware of Rootkit 2021!
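The live-boot comparison above amounts to hashing the files of a known-clean system and of the suspect disk and reporting what was added, removed or changed. The following is an added example (not from the original post) that does exactly that for two directory trees; demo() builds a constructed clean tree and a tampered copy in a temporary directory, so it runs offline.

```python
import hashlib
import tempfile
from pathlib import Path


def hash_tree(root: Path) -> dict:
    """Map each regular file under root (relative, POSIX-style path) to its SHA-256 digest."""
    digests = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and not path.is_symlink():
            rel = path.relative_to(root).as_posix()
            digests[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return digests


def compare_trees(reference: Path, suspect: Path) -> dict:
    """List files added, missing or modified in the suspect tree relative to the clean one."""
    ref, sus = hash_tree(reference), hash_tree(suspect)
    return {
        "added": sorted(set(sus) - set(ref)),
        "missing": sorted(set(ref) - set(sus)),
        "modified": sorted(p for p in ref.keys() & sus.keys() if ref[p] != sus[p]),
    }


def demo() -> dict:
    """Build a constructed clean tree and a tampered copy in a temp dir, then diff them."""
    with tempfile.TemporaryDirectory() as tmp:
        clean, suspect = Path(tmp, "clean"), Path(tmp, "suspect")
        for root in (clean, suspect):
            (root / "drivers").mkdir(parents=True)
            (root / "drivers" / "disk.sys").write_bytes(b"original driver bytes")
            (root / "hosts").write_text("127.0.0.1 localhost\n")
        # Changes of the kind a kernel-driver rootkit leaves on disk (sample data, not a real IoC)
        (suspect / "drivers" / "disk.sys").write_bytes(b"patched driver bytes")
        (suspect / "drivers" / "hidden.sys").write_bytes(b"unexpected new driver")
        (suspect / "hosts").unlink()
        return compare_trees(clean, suspect)
```

Run it from the live-booted clean system with the suspect disk mounted read-only, because the infected kernel can hide files from any tool run on top of it; and, as the text warns, a rootkit living in the disk firmware or BIOS leaves no file for this comparison to find.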


Writer: Md. Abdullah Al Mamun

Information source: Cyber Society
