TDL3 and ZeroAccess: More of the Same?

August 8, 2011 By Marco Giuliani

In our previous technical analysis of the ZeroAccess rootkit, we highlighted how it acts as a framework by infecting the machine — setting up its own private space in the…

New Tool Released: Kiss (or Kick) ZeroAccess Goodbye

August 3, 2011 By Andrew Brandt

There are few types of malware infections more frustrating and annoying than a rootkit with backdoor capabilities. Over the past couple of years, we’ve seen the emergence of this new, tough-to-fight infectious code,…

ZeroAccess Gets Another Update

July 19, 2011 By glhaldeman

By Marco Giuliani: Among the most infamous kernel mode rootkits in the wild, most of them have had a slowdown in their development cycle – TDL rootkit, MBR rootkit, Rustock are just some…

ZeroAccess Rootkit Guards Itself with a Tripwire

July 8, 2011 By Marco Giuliani

The latest generation of a rapidly evolving family of kernel-mode rootkits called, variously, ZeroAccess or Max++, seems to get more powerful and effective with each new variant. The rootkit infects…