ZeroAccess, a kernel-mode rootkit, recently shifted its infection technique from kernel mode to user mode. (For more on ZeroAccess, which turns infected systems into a peer-to-peer botnet, read these posts from my colleagues Peter Szor and Aditya Kapoor.) Even in user mode, ZeroAccess can maintain its presence on an infected system. ZeroAccess implements what I …
Tags: botnet, kernel mode, rootkit, user mode, ZeroAccess
Digital certificates and certificate authorities have been much in the news recently. Attacks–such as those used by Stuxnet, Duqu, and other malware–involving stolen certificates show an increasingly worrisome new security trend. Certificate authorities have been targeted several times in the recent past with some success. There is a large chunk of known malware signed by …
Tags: Adobe, Digital Certificates, Duqu, Rogue Certificates, rootkit, RootkitRemover, Stuxnet, ZeroAccess
Posts tagged under ZeroAccess