Mebromi: the first BIOS rootkit in the wild

September 13, 2011 | By Marco Giuliani

In the past few weeks a Chinese security company called Qihoo 360 blogged about a new BIOS rootkit hitting Chinese computers. This turned out to be a very interesting discovery as it…

TDL3 and ZeroAccess: More of the Same?

August 8, 2011 | By Marco Giuliani

In our previous technical analysis of the ZeroAccess rootkit, we highlighted how it acts as a framework by infecting the machine — setting up its own private space in the…

ZeroAccess Rootkit Guards Itself with a Tripwire

July 8, 2011 | By Marco Giuliani

The latest generation of a rapidly evolving family of kernel-mode rootkits called, variously, ZeroAccess or Max++, seems to get more powerful and effective with each new variant. The rootkit infects…
