Clik here to view.
ZeroAccess Rootkit Guards Itself with a Tripwire
By Marco Giuliani The latest generation of a rapidly evolving family of kernel-mode rootkits called, variously, ZeroAccess or Max++, seems to get more powerful and effective with each new variant. The...
View ArticleClik here to view.
ZeroAccess Gets Another Update
By Marco Giuliani Among the most infamous kernel mode rootkits in the wild, most of them have had a slowdown in their development cycle – TDL rootkit, MBR rootkit, Rustock are just some examples. The...
View ArticleClik here to view.
New Tool Released: Kiss (or Kick) ZeroAccess Goodbye
There are fewer types of malware infections more frustrating and annoying than a rootkit with backdoor capabilities. Over the past couple of years, we’ve seen the emergence of this new, tough-to-fight...
View ArticleClik here to view.
TDL3 and ZeroAccess: More of the Same?
By Marco Giuliani In our previous technical analysis of the ZeroAccess rootkit, we highlighted how it acts as a framework by infecting the machine — setting up its own private space in the disk, first...
View Article
