kernel mode | DataProtectionCenter.com

Olmasco bootkit: next circle of TDL4 evolution (or not?)

18

Oct

2012

ESET – Olmasco (also known as SST, MaxSS) is a modification of the TDL4 bootkit family that we’ve been aware of since summer 2011. We started to track a new wave of activity from a new Olmasco dropper at the end of this summer. This bootkit family was the second to use VBR (Volume Boot […]

Category General Written by ESET ThreatBlog 0 Comments

Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode

06

Jun

2012

SophosLabs has been monitoring a new strain of the infamous ZeroAccess rootkit that has been hitting the internet over the last few weeks.ZeroAccess is a sophisticated kernel-mode rootkit that enslaves victim PCs, adding them to a peer-to-peer botnet from which they receive commands to download other malware. The rootkit has undergone several revisions since its […]

Category General Written by Naked Security - Sophos 0 Comments

Strange Case of W32.Xpaj.B: Patient Zero

25

May

2012

A number of days ago, we observed a new variant of the W32.Xpaj.B virus and we blogged all of the initial details about its new features and how the outbreak sample is the patient zero of the infection. We have now done more analysis and the conclusion is in: there is no outbreak and W32.Xpaj.B […]

Category General Written by Symantec Security Response Blog 0 Comments

The Latest in IT Security

Posts Tagged ‘kernel mode’

Olmasco bootkit: next circle of TDL4 evolution (or not?)

Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode

Strange Case of W32.Xpaj.B: Patient Zero

Categories

Featured

Archives

Latest Comments

About Us

Contact Us