Apparently it's using a rooted background process installed at software installation time.

This whole practice needs to be exposed since it essentially gives any piece of software complete control over the machine simply because the user was supposedly asked to "temporarily" provide admin/root access to the installer in order to install some app.

But in addition to that, it also installed a rooted background process that essentially grants them access to read/write anything on the machine, forever.