Stopping the ZeroAccess Rootkit - SANS Internet Storm Center

SANS ISC InfoSec Forums

Stopping the ZeroAccess Rootkit
Jack at the Infosec Institute sent a note announcing research that had been done on the ZeroAccess Rootkit. He states "One of our InfoSec Resources Authors defeated all of the anti-debugging and anti-forensics features of ZeroAccess and traced the source of this crimeware rootkit" The full article can be found on their website. How widespread are rootkits in your environment? Are you having a problem with rootkits right now or have you had a problem with them in the past? Write in and share your experiences including any practical tips on recovery in a corporate environment. Christopher Carboni - Handler On Duty	Chris 140 Posts
Reply Subscribe	Nov 18th 2010 8 years ago
ok, from a Google search "detect zeroaccess rootkit" this site Anti-Malware-Site.com looked interesting with an April 2010 review of rootkit detection software. Does anyone know about this site. Looks good, but I'm skeptical.	Anonymous
Reply Quote	Nov 18th 2010 8 years ago