
ZeroAccess Rootkit: Doomsday and Armageddon All in One?

The ZeroAccess rootkit trojan is the latest rootkit to infiltrate a huge number of computers. While a traditional virus tries to spread to, and damage, as many computers as it can before anti-virus software stops it, a rootkit aims to keep your system working normally while hiding the fact that an outside party controls it. That remote operator has administrative power over the machine, letting them manipulate files and keep their foothold.
Once your system is under the rootkit operator's control, it can be ordered to carry out actions. Your computer becomes a "bot" or "zombie," one member of a botnet that helps the culprits commit fraud, download additional malware and open back doors for other attackers to enter. Because rootkits run at the same privilege level as anti-malware software, they are much harder to remove: the operating system cannot give the security product more authority than the rootkit, and the rootkit can hide its own files and processes from, or simply disable, the program that is trying to shut it down.
According to James Wyke, senior threat researcher at SophosLabs, the ZeroAccess rootkit trojan and its nine known variants have been installed more than nine million times. The resulting botnet comprises approximately one million zombie machines, generating huge profits for their masters.
In his technical paper, "The ZeroAccess Botnet – Mining and Fraud for Massive Financial Gain," Wyke calls ZeroAccess "one of the biggest threats on the Internet."
ZeroAccess is distributed in two main ways. The first is the Blackhole exploit kit. Through a compromised website or a link in a spam e-mail, the victim's browser is sent to the attacker's landing page. Ad servers are prime targets for this kind of compromise because their high traffic spreads the infection widely ("malvertising"). The landing page contains JavaScript that fingerprints the browser and its plug-ins (Java, Flash, Adobe Reader and so on) and checks whether the installed versions are ones the kit has an exploit for. If it finds a match, it serves that exploit and the trojan is silently downloaded and executed in the background with no prompt to the user, a so-called drive-by download.
The second method is social engineering. The victim is talked into running an executable because they are trying to get hold of pirated software, bypass copy protection, and so on. One lure the ZeroAccess creators have used in the past is a pirated copy of the popular game Skyrim: the user downloads it, is prompted to open a Zip file and run what is inside, and the trojan is installed, essentially with the user's permission.
Victims typically first notice that the computer slows to a crawl, that Internet searches are redirected to unrelated sites and that pop-ups appear far more often while browsing. Later variants go further: the "mining" and "fraud" in the title of Wyke's paper refer to Bitcoin mining on the infected machine and click fraud, and because the botnet can download any additional payload, an infection has also been linked to theft of personal information and identity theft.
According to SophosLabs' research, the ZeroAccess operators run a pay-per-install affiliate scheme: an affiliate who can prove they have added 1,000 infected U.S. systems to the botnet is paid up to $500.
Defend yourself before you're infected. Make sure all your browsers, plug-ins and operating systems are running the latest versions. Out-of-date Firefox, Internet Explorer and Google Chrome, along with Adobe Flash, Acrobat/Reader and Java, are the prime targets of the Blackhole exploit kit. Don't give in to the temptation to download pirated software from file-sharing and torrent sites. Keep your anti-malware software current and run it often. Regular backups of your data and applications will make it far easier to re-format and re-install the operating system if you become infected and can't remove the rootkit by conventional means.
If you suspect you may be infected, contact a computer repair professional as quickly as possible. Not only does this trojan open the door for other malware to enter your system undetected, but removal is extremely difficult: it is known to leave parts of itself behind and keep troubling the computer if it is not removed completely. Scanning from a clean boot CD or rescue medium, where the rootkit is not running and so cannot hide its files, is the most reliable way to see what it has left behind.
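The following is an added example, written for this page and not taken from the article, from Sophos or from any exploit kit. It shows in JavaScript the version-matching logic that sits at the heart of an exploit-kit landing page (the "scan for vulnerabilities" described above) and, read from the other side, why keeping plug-ins updated defeats it. The plug-in list is a simplified, constructed stand-in for what a real page reads out of navigator.plugins, and the "exploitable below" thresholds are hypothetical placeholders, not the real targeting table of any kit.

```javascript
// Added example: how an exploit-kit landing page picks an exploit.
// The page does not probe the machine for bugs; it reads the plug-in
// names and versions the browser exposes, parses the version strings
// and looks them up in a table of versions it has a working exploit
// for. The table below is HYPOTHETICAL, not any real kit's data.
const EXPLOITABLE_BELOW = {
  "Java": "1.7.0_07",              // assumed threshold
  "Shockwave Flash": "11.4.402.265", // assumed threshold
  "Adobe Acrobat": "10.1.4",         // assumed threshold
};

// Turn "1.7.0_07", "11.4.402.265" or "10.1.4" into an array of integers
// so that versions compare numerically: "1.7.0_10" must sort after
// "1.7.0_9", which a plain string comparison gets wrong.
function parseVersion(s) {
  return s
    .split(/[._]/)
    .map((part) => parseInt(part, 10))
    .filter((n) => !Number.isNaN(n));
}

// Returns -1, 0 or 1 like a comparator; missing trailing fields count as 0.
function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  const n = Math.max(pa.length, pb.length);
  for (let i = 0; i < n; i++) {
    const x = pa[i] || 0;
    const y = pb[i] || 0;
    if (x !== y) return x < y ? -1 : 1;
  }
  return 0;
}

// The kit's decision: every installed plug-in that is older than the
// threshold becomes a target and gets the matching exploit served.
function selectTargets(plugins) {
  const targets = [];
  for (const p of plugins) {
    const threshold = EXPLOITABLE_BELOW[p.name];
    if (threshold && compareVersions(p.version, threshold) < 0) {
      targets.push({ name: p.name, installed: p.version, exploitableBelow: threshold });
    }
  }
  return targets;
}

// The defender's view of the same check: nothing old enough to match
// means the landing page has nothing to serve.
function isFullyPatched(plugins) {
  return selectTargets(plugins).length === 0;
}

// Constructed sample browser: an old Java, a patched Flash, an old Acrobat.
const SAMPLE_PLUGINS = [
  { name: "Java", version: "1.6.0_31" },
  { name: "Shockwave Flash", version: "11.4.402.278" },
  { name: "Adobe Acrobat", version: "9.5.1" },
];

console.log("targets:", selectTargets(SAMPLE_PLUGINS));
console.log("fully patched:", isFullyPatched(SAMPLE_PLUGINS));
```

Run with `node`; on the sample browser the Java and Acrobat entries are selected and Flash is skipped. The point of the numeric version parsing is that a kit (or a defender's inventory script) that compares version strings lexically will misjudge "1.7.0_10" against "1.7.0_9"; the comparator here handles that case, and the same comparator is what an update-checker on the defensive side needs.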

Andrea Eldridge is CEO and co-founder of Nerds On Call, an on-site computer and laptop repair service for consumers and businesses. Andrea is the writer of two weekly columns, Computer Nerds On Call, a nationally syndicated column for Scripps-Howard News Service, and Nerd Chick Adventures in The Record Searchlight. She regularly appears on shows such as Good Day Sacramento, Good Morning Arizona and MORE Good Day Portland, offering viewers easy tips on technology, Internet lifestyle and gadgets.

Post from: SiteProNews