ZeroAccess botnet

ZeroAccess is a Trojan horse computer malware that affects Microsoft Windows operating systems. It is used to download other malware on an infected machine from a botnet while remaining hidden using rootkit techniques.[1]

History and propagation

The ZeroAccess botnet was discovered by around May 2011.[2] The ZeroAccess rootkit responsible for the botnet's spread is estimated to have been present on at least 9 million systems.[3] Estimates of the botnet's size vary across sources; antivirus vendor Sophos estimated it at around 1 million active and infected machines in the third quarter of 2012, and security firm Kindsight estimated 2.2 million infected and active systems.[4][5]

The bot is spread by the ZeroAccess rootkit through a variety of attack vectors. One is social engineering, where a user is persuaded to execute malicious code, either because it is disguised as a legitimate file or because it is hidden as an additional payload in an executable that announces itself as, for example, a tool for bypassing copyright protection (a keygen). A second attack vector uses an advertising network to get the user to click on an advertisement that redirects them to a site hosting the malicious software. A third infection vector is an affiliate scheme in which third parties are paid for installing the rootkit on a system.[6][7]

In December 2013, a coalition led by Microsoft moved to destroy the botnet's command and control network. The attack was ineffective, however, because not all C&C servers were seized and the peer-to-peer command and control component was unaffected, meaning the botnet could still be updated at will.[8]

Operation

Once a system has been infected with the ZeroAccess rootkit, it starts one of the two main botnet operations: bitcoin mining or click fraud. Machines involved in bitcoin mining generate bitcoins for their controller, the estimated worth of which was 2.7 million US dollars per year in September 2012.[9] The machines used for click fraud simulate clicks on website advertisements paid for on a pay-per-click basis. The estimated profit for this activity may be as high as 100,000 US dollars per day,[10][11] costing advertisers $900,000 a day in fraudulent clicks.[12]

Typically, ZeroAccess infects the Master Boot Record (MBR) of the infected machine. It may alternatively infect a random driver in C:\Windows\System32\Drivers, giving it total control over the operating system.[citation needed] It also disables the Windows Security Center, Firewall, and Windows Defender. ZeroAccess also hooks itself into the TCP/IP stack to help with the click fraud.

The software also looks for the Tidserv malware and removes it if it finds it.[1]
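
A defender-side triage check for two behaviours described in this section, disabled security services and a tampered driver in C:\Windows\System32\Drivers. This is an added example, not part of the original article; it assumes PowerShell 5.1 or later and that `wscsvc`, `MpsSvc` and `WinDefend` are the service names behind Security Center, the firewall and Windows Defender on the host.

```powershell
# Added triage example (not from the original article).
# Assumption: these service names map to the three components the article
# says ZeroAccess disables.
$services = [ordered]@{
    wscsvc    = 'Windows Security Center'
    MpsSvc    = 'Windows Firewall'
    WinDefend = 'Windows Defender'
}

# Report any of the three services that is missing, stopped or disabled.
$serviceFindings = foreach ($name in $services.Keys) {
    $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
    if (-not $svc) {
        [pscustomobject]@{ Item = $services[$name]; Finding = 'service missing' }
    } elseif ($svc.Status -ne 'Running' -or $svc.StartType -eq 'Disabled') {
        [pscustomobject]@{
            Item    = $services[$name]
            Finding = "status=$($svc.Status) start=$($svc.StartType)"
        }
    }
}

# Report drivers whose Authenticode signature does not validate, with the
# last-write time so a recently modified driver stands out.
$driverDir = Join-Path $env:SystemRoot 'System32\drivers'
$driverFindings = Get-ChildItem -Path $driverDir -Filter '*.sys' -File -ErrorAction SilentlyContinue |
    ForEach-Object {
        $sig = Get-AuthenticodeSignature -FilePath $_.FullName
        if ($sig.Status -ne 'Valid') {
            [pscustomobject]@{
                Item    = $_.Name
                Finding = "signature=$($sig.Status) modified=$($_.LastWriteTimeUtc.ToString('u'))"
            }
        }
    }

# One combined table; an empty result prints nothing.
@($serviceFindings) + @($driverFindings) | Format-Table -AutoSize
```

Because ZeroAccess hides itself with rootkit techniques, a live system can report clean results while infected, so treat an empty table as inconclusive and confirm with an offline scan. `WinDefend` is also stopped legitimately when a third-party antivirus product is installed.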

References

  1. "Risk Detected". www.broadcom.com.
  2. "Monthly Malware Statistics, May 2011". securelist.com.
  3. Wyke, James (19 September 2012). "Over 9 million PCs infected – ZeroAccess botnet uncovered". Sophos. Retrieved 27 December 2012.
  4. Jackson Higgins, Kelly (30 October 2012). "ZeroAccess Botnet Surges". Dark Reading. Archived from the original on 3 December 2012. Retrieved 27 December 2012.
  5. Kumar, Mohit (19 September 2012). "9 million PCs infected with ZeroAccess botnet". The Hacker News. Retrieved 27 December 2012.
  6. Wyke, James (4 April 2012). "The ZeroAccess rootkit". Sophos. p. 2. Retrieved 27 December 2012.
  7. Mimoso, Michael (30 October 2012). "ZeroAccess Botnet Cashing in on Click Fraud and Bitcoin Mining". ThreatPost. Archived from the original on 3 December 2012. Retrieved 27 December 2012.
  8. Gallagher, Sean (6 December 2013). "Microsoft disrupts botnet that generated $2.7M per month for operators". Ars Technica. Retrieved 9 December 2013.
  9. Wyke, James. "The ZeroAccess Botnet: Mining and Fraud for Massive Financial Gain" (PDF). Sophos. p. 45. Retrieved 27 December 2012.
  10. Leyden, John (24 September 2012). "Crooks can milk '$100k a day' from 1-million-zombie ZeroAccess army". The Register. Retrieved 27 December 2012.
  11. Ragan, Steve (31 October 2012). "Millions of Home Networks Infected by ZeroAccess Botnet". SecurityWeek. Retrieved 27 December 2012.
  12. Dunn, John E. (2 November 2012). "ZeroAccess bot has infected 2 million consumers, firm calculates". Techworld. Retrieved 27 December 2012.
