The Latest in IT Security

Technical paper: The ZeroAccess rootkit under the microscope

11
Apr
2012

Virus on computer, images courtesy of ShutterstockZeroAccess is a sophisticated kernel-mode rootkit that is quickly becoming one of the most widespread malware threats.

In a new technical paper from SophosLabs, malware researcher James Wyke explores the ZeroAccess threat, examines how it works and looks at what the malware’s ultimate goal is.

ZeroAccess has a resilient peer-to-peer command and control infrastructure, runs on both 32-bit and 64-bit versions of Windows, and has been constantly updated with new functionality, allowing it to thrive on modern networks and operating systems.

From the distribution mechanisms used to spread it, through the installation procedure, memory residence and payload, the technical paper offers a deep insight into how ZeroAccess works.

Read: ZeroAccess technical paper

Leave a reply


Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments