Stopping the ZeroAccess Rootkit

Jack at the Infosec Institute sent a note announcing research that had been done on the ZeroAccess Rootkit.

He states: "One of our InfoSec Resources Authors defeated all of the anti-debugging and anti-forensics features of ZeroAccess and traced the source of this crimeware rootkit."

The full article can be found on their website.

How widespread are rootkits in your environment?

Are you having a problem with rootkits right now or have you had a problem with them in the past?

Write in and share your experiences including any practical tips on recovery in a corporate environment.

Christopher Carboni - Handler On Duty


140 Posts
Nov 18th 2010
OK, from a Google search for "detect zeroaccess rootkit", this site looked interesting, with an April 2010 review of rootkit detection software. Does anyone know about this site? Looks good, but I'm skeptical.
