Most users in China, especially those with limited knowledge of computer security, have experienced the installation of a rootkit while surfing the Internet. In some cases, users don’t notice that a rootkit has been installed. In other cases, users do notice, but are unable to remove the rootkit and opt to reinstall their operating system instead. Once a rootkit has been installed, additional malicious software, such as a trojan horse program, is usually installed. The rootkit is typically used to hide the trojan. The hidden trojan is typically used to steal important information from the system, such as online game account or bank account information. In addition, the attacker can use the compromised system in conjunction with other systems to carry out DDoS attacks.

Some companies apply rootkit technology in their products as a means of defending against tampering with their software. For example, the 3721 web browser plugin makes use of rootkit technology to avoid being uninstalled by other programs and/or plugins. Many other rogue applications, such as CNNIC, YiSou, and qyule, also do this. Some of this rogue software is hard to remove once it has been installed and/or can cause systems to become unstable. Rootkit technology is also often used in software designed to help users cheat in online games. A lot of people play online games in China and many are willing to pay for software that can be used to cheat in the games that they play. Developers use rootkit technology to create software that can be used to cheat in online games without being detected by the gaming software.

Since rootkits are so widespread in China, many local Chinese security software companies focus on defending against them.

Nowadays, many viruses in China install both rootkits and trojan horse programs, causing extensive harm to Chinese networks and significant financial loss. Many people, including victims of these kinds of malware, have organized to help stop its spread. The Chinese government has also taken notice of the spread of malware and has begun to treat malware authors as criminals. Li Jun, the author of the “Panda Burning Joss Sticks” virus, which installed rootkits and trojans on millions of machines, was recently convicted. In addition, a new anti-malware law will come into effect next year. This law will penalize those who create malware.
