Difference between revisions of "ZeroAccess"

From Botnets.fr
(Created page with "{{Botnet |Alias=Smiscer, Sirefef, Zaccess, |Target=Microsoft Windows, |CCProtocol=HTTP, P2P, }}")

Revision as of 18:08, 29 November 2014

(Botnet) Link to the old Wiki page : [1] / Google search: [2]

ZeroAccess
Alias: Smiscer, Sirefef, Zaccess
Group:
Parent:
Sibling:
Family:
Relations:
    Variants:
    Sibling of:
    Parent of:
    Distribution of:
    Campaigns:
Target: Microsoft Windows
Origin:
Distribution vector:
UserAgent:
CCProtocol: HTTP (Centralized), P2P (Decentralized)
Activity: /
Status:
Language:
Programming language:
Operation/Working group:

Introduction

Features

Associated images

Checksums / AV databases

Publications

| Title | Author | Editor | Year |
|---|---|---|---|
| Cracking the encrypted C&C protocol of the ZeroAccess botnet | John Morris | Virus Bulletin | 2012 |
| Detecting extended attributes (ZeroAccess) and other Frankenstein’s monsters with HMFT | | Hexacorn | 2013 |
| Have we seen the end of the ZeroAccess botnet? | James Wyke | Sophos Labs | 2014 |
| Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode | James Wyke | Sophos Labs | 2012 |
| Over 9 million PCs infected - ZeroAccess botnet uncovered | James Wyke | Sophos Labs | 2012 |
| Panda Security uncovers bot-killing malware | Brian Prince | Wired Business Media | 2012 |
| Rovnix Reloaded: new step of evolution | David Harley, Aleksandr Matrosov, Eugene Rodionov | ESET | 2012 |
| TDL4 reloaded: Purple Haze all in my brain | David Harley, Eugene Rodionov, Aleksandr Matrosov | ESET | 2012 |
| The ZeroAccess botnet revealed | Aditya Balapure | Infosec Institute | 2013 |
| The ZeroAccess botnet: mining and fraud for massive financial gain | James Wyke | Sophos Labs | 2012 |
| The ZeroAccess rootkit | James Wyke | Sophos | 2012 |
| Trojan.ZeroAccess infection analysis | Sean Hittel, Rong Zhou | Symantec | 2012 |
| ZACCESS/SIREFEF arrives with new infection technique | Manuel Gatbunton | Trend Micro | 2012 |
| ZeroAccess - new steps in evolution | Artem I. Baranov | Artem Baranov | 2012 |
| ZeroAccess anti-debug uses debugger | Joshua Cannell | Malwarebytes | 2013 |
| ZeroAccess rootkit launched by signed installers | Kevin Beets, Peter Szor | McAfee | 2011 |
| ZeroAccess's way of self-deletion | Wayne | F-Secure | 2012 |
| ZeroAccess: code injection chronicles | Aleksandr Matrosov | ESET | 2012 |