Early December last year, Microsoft – in cooperation with certain law enforcement agencies – announced their takedown of the ZeroAccess operations. However, this also unexpectedly affected another well-known botnet, TDSS. TDSS and ZeroAccess ZeroAccess is one of the most notable botnets in the world, with its malware known for rootkit capability. This malware is typically downloaded…
Read MoreTDSS and ZeroAcess are both well-known threats that have many common characteristics. Both are difficult to remove rookits, both engage in click fraud and use peer-to-peer communication techniques. Some may even wonder if these similar threats come from the same group of cybercriminals. In September 2012, researchers found several TDSS variants which were called “DGAv14”….
Read MoreDuring the last weeks of July, we received reports from customers that their services.exe files were being patched by an unknown malware. The patched services.exe, detected by Trend Micro as PTCH_ZACCESS (for 32-bit version) and PTCH64_ZACCESS (for 64-bit version), was verified to be a component of the SIREFEF/ZACCESS malware family. ZACCESS (also known as ZEROACCESS)…
Read More