ESET® Rootkit Detector is a new security tool for Mac® OS X that scans for malicious kernel extensions attempting to change operating system behavior by hooking inside the OS. When the rogue kernel extensions hook inside the OS X, they can bypass any security measure thus allowing complete access of system privileges.
“ESET Rootkit Detector is a simple and effective tool for detection of rootkits on OS X platforms. With this tool we aim to help the users to detect modifications in the OS X kernel memory, that might indicate presence of a rootkit in the system,”
says Pierre-Marc Bureau, ESET Security Intelligence Program Manager.
Over the course of last year, ESET has observed multiple rootkits targeting OS X. With rootkit codes readily available online, systems have been compromised without the knowledge of the owner. Rootkits such as OSX/Morcut and OSX/Crisis have been used to spy and steal information of unsuspecting users. ESET Rootkit detector provides an intuitive and user friendly way to check the integrity of the kernel and provide information about potential problems. It supports Snow Leopard (10.6.0) up to the latest version of Mountain Lion (currently 10.8.4). Additionally, it works on Intel 32-bit and 64-bit kernel.
For more information on the investigation of the rootkits targeting OS X visit WeLiveSecurity blog post or
ESET Rootkit Detector product page.