What is a rootkit?

A rootkit is a type of stealth malware designed to hide its own existence from detection. Because of this, rootkits are often extremely difficult to remove, and often necessitate completely wiping the hard drive and reinstalling the operating system.

How does a rootkit work?

The “root” in rootkit refers to the top level of administrative privileges that can be granted on a computer. Rootkits attempt to escalate its own privileges to root so there is effectively no higher level account that can remove them.

Once a rootkit has gained root privileges, it can access, modify, delete, and install software and files.

Back to Glossary