ZeroAccess Rootkit Guards Itself with a Tripwire
By Marco Giuliani
The latest generation of a rapidly evolving family of kernel-mode rootkits called, variously, ZeroAccess or Max++, seems to get more powerful and effective with each new variant. The...
ZeroAccess Gets Another Update
By Marco Giuliani
Most of the infamous kernel-mode rootkits in the wild have had a slowdown in their development cycle – TDL rootkit, MBR rootkit, Rustock are just some examples. The...
New Tool Released: Kiss (or Kick) ZeroAccess Goodbye
There are few types of malware infections more frustrating and annoying than a rootkit with backdoor capabilities. Over the past couple of years, we’ve seen the emergence of this new, tough-to-fight...
TDL3 and ZeroAccess: More of the Same?
By Marco Giuliani
In our previous technical analysis of the ZeroAccess rootkit, we highlighted how it acts as a framework by infecting the machine — setting up its own private space in the disk, first...