A Brief History of Rootkits
The first rootkits were maliciously modified administrative toolsets for Unix-like operating systems such as Linux that granted attackers administrative access. These “first-generation” rootkits were fairly easy to detect using tools such as Tripwire that had not been compromised to access the same information.
The first known rootkit was written in 1990 for Sun Microsystems’ Sun OS Unix operating system. Since then, rootkits and the uses for them have evolved significantly and become much harder to detect.
In one notorious 2005 rootkit scandal that helped raise awareness of rootkits among the general public, Sony BMG published CDs with copy protection and digital rights management software. The software installed a rootkit which limited the user’s ability to access the CD. Sony BMG released patches to uninstall the rootkit, but these patches exposed users to an even more serious security vulnerability. A class-action lawsuit against Sony BMB ensued and the company eventually recalled the CDs.