What is Gootkit?
👉 GootKit is a Trojan horse that steals confidential information. It also opens a back door
What is RootKit?
👉 A rootkit is malicious software that allows an unauthorized user to have privileged access to a computer and to restricted areas of its software. It's also called the Boot Sector Virus.
What is BootKit?
👉 A bootkit is a type of malicious infection that targets the Master Boot Record located on the physical motherboard of the computer.
# Gootkit is a trojan horse, first spotted in 2014.
Gootkit
- Its capabilities include infiltration of banking accounts, stealing credentials and manipulating online banking sessions.
- The malware uses three main modules: The Loader, The Main Module and The Web Injection Module. The Loader module is the first stage of the trojan which sets up the persistent environment. The main module creates a proxy server that works in conjunction with the new browser injection module.
- There is no defined propagation process for the malware. It uses phishing emails and exploit kits such as Neutrino, Angler, and RIG to spread to targeted systems.
Rootkit
- A rootkit is clandestine computer software designed to perform a wide range of malicious activities. These include letting hackers steal passwords, and modules that make it easy to capture credit card or online banking information.
- A rootkit can also give attackers the ability to disable security software and record keystrokes, simplifying the stealing process for criminals.
- There are five types of rootkits: Hardware or firmware rootkit; Bootloader rootkit; Memory rootkit; Application rootkit and Kernel-mode rootkit.
- Rootkits leverage phishing emails and infected mobile apps to propagate across systems.
Bootkit
- A bootkit is an advanced form of Rootkit that targets the Master Boot Record located on the physical motherboard of the computer.
- Infection by Bootkit can cause system instability and result in a Blue Screen warning or an inability to launch the operating system.
- Some bootkit infections may display a warning and demand a ransom to restore the computer to operational capacity.
- The malicious software usually spreads via bootable floppy disks and other bootable media. However, recently, it has been distributed via a harmless software program, phishing emails, or free downloads.