Posts Tagged ‘64 bit windows’

Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode

Jun

2012

SophosLabs has been monitoring a new strain of the infamous ZeroAccess rootkit that has been hitting the internet over the last few weeks.ZeroAccess is a sophisticated kernel-mode rootkit that enslaves victim PCs, adding them to a peer-to-peer botnet from which they receive commands to download other malware. The rootkit has undergone several revisions since its […]

Category General Written by Naked Security - Sophos 0 Comments

W32.Xpaj.B is a File Infector with a Vengeance

May

2012

We have recently come across a new wave of W32.Xpaj.B samples. We first met this complex file infector virus in 2009, and since then the threat has been operating and mounting an ad-clicking scam in order to generate revenue. After a few months of rest, the threat seems to be back. Figure 1. Increase […]

Category General Written by Symantec Security Response Blog 0 Comments

64-Bit System Driver Infected and Signed After UAC Bypassed

Mar

2012

What was just a theory not so long ago is now being used in-the-wild by threats such as Backdoor.Hackersdoor and its newer variant Backdoor.Conpee. Back in December we analyzed tdpipe.sys, an infected 64-bit Windows 7 system driver. The infection consisted of an extra import added to the driver’s import table: The import named DiscPart from […]

Category General Written by Symantec Security Response Blog 0 Comments

The Latest in IT Security

Posts Tagged ‘64 bit windows’

Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode

W32.Xpaj.B is a File Infector with a Vengeance

64-Bit System Driver Infected and Signed After UAC Bypassed

Categories

Featured

Archives

Latest Comments

About Us

Contact Us