Difference between revisions of "ZeroAccess's way of self-deletion"
Jump to navigation
Jump to search
m (1 revision imported) |
m (Text replacement - " www.f-secure.com" to "") |
||
| Line 5: | Line 5: | ||
|Licence= | |Licence= | ||
|Video= | |Video= | ||
|Link=http://www.f-secure.com/weblog/archives/00002385.html | |Link=http://www.f-secure.com/weblog/archives/00002385.html | ||
|Author=Wayne, | |Author=Wayne, | ||
|NomRevue=F-Secure Weblogs | |NomRevue=F-Secure Weblogs | ||
Latest revision as of 22:50, 5 August 2015
(Publication) Google search: [1]
| ZeroAccess's way of self-deletion | |
|---|---|
| |
| Botnet | ZeroAccess |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2012 / June 13, 2012 |
| Editor/Conference | F-Secure |
| Link | http://www.f-secure.com/weblog/archives/00002385.html (Archive copy) |
| Author | Wayne |
| Type | |
Abstract
“ We normally see malware developing and evolving over the years. One particular malware we've been following is ZeroAccess, which has been continuously improving which we first detected it in late 2010. Case in point: in the latest samples, its self-deletion routine has changed.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1036,
editor = {F-Secure},
author = {Wayne},
title = {ZeroAccess's way of self-deletion},
date = {13},
month = Jun,
year = {2012},
howpublished = {\url{http://www.f-secure.com/weblog/archives/00002385.html}},
}