What are malicious, self-hiding kernel modules that modify file system operations called?

Malicious, self-hiding kernel modules that modify file system operations are known as rootkits. A rootkit operates at a low level within the operating system, often integrating deeply into the kernel. This allows it to conceal its presence and activities from the user and standard security software. By modifying file system operations, rootkits can hide files, processes, and system calls, enabling malicious activity to occur unnoticed.

Rootkits are particularly dangerous because they can maintain control over the affected system while providing attackers with the ability to execute arbitrary code, steal data, or create backdoors for further access. Their stealthy nature is a defining characteristic that distinguishes them from other forms of malware, such as viruses and spyware, which may not specifically modify kernel operations or hide at such a low level within the system architecture.