Chinese state hackers use rootkit to hide ToneShell malware activity

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.
WeLiveSecurity

Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication

The mysterious Avatar rootkit, detected by ESET as Win32/Rootkit.Avatar, appears to reflect a heavy investment in code development, with an API and a SDK available, plus an interesting abuse of Yahoo ...
eWeek

Spy Sweeper Digs Deep for Rootkits

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. Already among the most respected names in spyware defense, ...
TechRepublic

New CosmicStrand rootkit targets Gigabyte and ASUS motherboards

Malware exists in different flavors. Most of the time, malware consists of malicious files stored in computers operating systems, just like any other file, and running as software with or without high ...
CIO

‘Invisible’ Rootkit Heralds Trouble Ahead

Security researchers have discovered a new type of rootkit they believe will greatly increase the difficulty of detecting and removing malicious code. The rootkit in question, called ...