Stopping the ZeroAccess Rootkit

Published: 2010-11-18
Last Updated: 2010-11-18 16:26:20 UTC
by Chris Carboni (Version: 1)
1 comment(s)

Jack at the Infosec Institute sent a note announcing research that had been done on the ZeroAccess Rootkit.

He states "One of our InfoSec Resources Authors defeated all of the anti-debugging and anti-forensics features of ZeroAccess and traced the source of this crimeware rootkit"

The full article can be found on their website.

How widespread are rootkits in your environment?

Are you having a problem with rootkits right now or have you had a problem with them in the past?

Write in and share your experiences including any practical tips on recovery in a corporate environment.
 

Christopher Carboni - Handler On Duty

1 comment(s)

Comments

ok, from a Google search "detect zeroaccess rootkit" this site Anti-Malware-Site.com looked interesting with an April 2010 review of rootkit detection software. Does anyone know about this site. Looks good, but I'm skeptical.

Diary Archives