In the previous quarter, we reported that we protected against more than 142 million threats in the first half of 2012 alone. One prominent threat in this period was ZACCESS, which is also known as ZeroAccess or SIREFEF. It can push fake applications and other malware onto infected systems, while using its rootkit capabilities to…
Three of the most notorious malware families we’ve seen proliferate of late have now been seen working together in a single attack. In the past months we saw QUERVAR, ransomware, and SIREFEF/ZACCESS grow rampant in certain regions. QUERVAR was widespread in the North America, EMEA, and ANZ regions, ransomware malware family has been…
During the last weeks of July, we received reports from customers that their services.exe files were being patched by unknown malware. The patched services.exe, detected by Trend Micro as PTCH_ZACCESS (for 32-bit version) and PTCH64_ZACCESS (for 64-bit version), was verified to be a component of the SIREFEF/ZACCESS malware family. ZACCESS (also known as ZEROACCESS)…
In the first half of the year, the spam volume increased by 60% compared to the data from 1H 2013. We can attribute this to several factors: the prevalence of DOWNAD and the steady boom of malware-related emails with spam-sending capabilities (such as MYTOB). Prevalent threats like UPATRE and ZeuS/ZBOT also employed spam as its…
Last April, we reported a KULUOZ spam campaign using the South Korean ferry sinking tragedy, one that came hot on the heels of the actual event itself. KULUOZ, as we discussed in that blog entry, is malware that is distributed by the Asprox botnet. It can download certain strains of FAKEAV and ZACCESS malware…