Stopping the ZeroAccess Rootkit
Jack at the Infosec Institute sent a note announcing research that had been done on the ZeroAccess Rootkit.
He states, "One of our InfoSec Resources Authors defeated all of the anti-debugging and anti-forensics features of ZeroAccess and traced the source of this crimeware rootkit."
The full article can be found on their website.
How widespread are rootkits in your environment?
Are you having a problem with rootkits right now or have you had a problem with them in the past?
Write in and share your experiences, including any practical tips on recovery in a corporate environment.
Christopher Carboni - Handler On Duty
Keywords: Rootkit ZeroAccess Reverse Engineering
Comments
rickr
Nov 18th 2010