ZeroAccess, an advanced kernel mode rootkit

Discussion in 'malware problems & news' started by Triple Helix, Apr 11, 2011.

Thread Status:
Not open for further replies.
  1. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined: Nov 20, 2004
    Posts: 12,011
    Location: Ontario, Canada
    ZeroAccess, an advanced kernel mode rootkit

    Full Story:
    http://www.prevx.com/blog/171/ZeroAccess-an-advanced-kernel-mode-rootkit.html
     
  2. CloneRanger

    CloneRanger Registered Member

    Joined: Jan 4, 2006
    Posts: 4,833
    @ Triple Helix

    Thanks for posting, I don't pretend to understand most of the nitty gritty though!

    Some of these RK coders are very smart people, pity they don't use their $kill$ in non criminal areas.

    ADS a place where most don't look :p NTFS = ADS = no thanks, I like FAT32 ;)

    Clever & very effective :eek:

    No mention of how this & similar could be prevented though, via AntiExe's & HIPS etc.
     