10 of 17Image
For a security researcher, the mere mention of the word rootkit can create a sickening feeling in the pit of the stomach. Bagle was one of the first examples to spread widely. It was also surprisingly sophisticated, as the above graphic (included with a contemporaneous F-Secure writeup) makes clear.
As the authors of the report note, the financial success of botnets had inspired malware authors to step up their game: “Two years ago Bagle was a simple virus. One EXE file, emailing itself around. It's not like that anymore. The malware suite has been built over time. Now the latest development is that one of the new Bagle variants integrates rootkit functionality.”
As trends go, it was anything but welcome.