ZeroAccess, an advanced kernel mode rootkit

Discussion in 'malware problems & news' started by Triple Helix, Apr 11, 2011.

Thread Status:
Not open for further replies.
  1. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,275
    Location:
    Ontario, Canada
    ZeroAccess, an advanced kernel mode rootkit

    Full Story:
    http://www.prevx.com/blog/171/ZeroAccess-an-advanced-kernel-mode-rootkit.html
     
  2. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,978
    @ Triple Helix

    Thanks for posting, I don't pretend to understand most of the nitty gritty though!

    Some of these RK coders are very smart people, pity they don't use their $kill$ in non criminal areas.

    ADS a place where most don't look :p NTFS = ADS = no thanks, I like FAT32 ;)

    Clever & very effective :eek:

    No mention of how this & similar could be prevented though, via AntiExe's & HIPS etc.
     