ZeroAccess Rootkit: Doomsday and Armageddon all-in-one?

The ZeroAccess Rootkit Trojan is the latest rootkit virus to gain widespread infiltration into a huge number of computers.
Nov. 5, 2012 - PRLog -- The ZeroAccess Rootkit Trojan is the latest rootkit virus to gain widespread infiltration into a huge number of computers. While traditional viruses attempt to infect and destroy as many computers in their path before they’re stopped by anti-virus software, rootkits aim to keep your system working but under the control of an outside party. They typically give a remote user administrative power, allowing them to manipulate files and maintain control of your system.

Once your system is controlled by the administrator of the rootkit, he can cause it to execute actions. Your system becomes a “botnet,” or “zombie,” computer, assisting the culprits in performing fraudulent acts, downloading additional malware and opening software back doors for hackers to enter. Since rootkits execute at the same privilege level as anti-malware software, they’re harder to remove – your computer can’t decide which program should have greater authority to shut down the other.

According to James Wyke, Senior Threat Researcher for SophosLabs, the ZeroAccess Rootkit Trojan and its nine known variants have been installed over 9 million times. Its resultant “botnet” is comprised of approximately 1 million zombie machines, generating huge profits for their masters. In his technical paper, “The ZeroAccess Botnet – Mining and Fraud for Massive Financial Gain,” Mr. Wyke calls ZeroAccess “one of the biggest threats on the Internet.”

There are two primary ways this virus is distributed. The first is through something called a Blackhole exploit kit. Through a compromised website or a spammed email, the victim is directed to the hacker’s landing page. Ad servers are prime targets for this type of compromise because their high traffic leads to widespread infection. The malicious web page contains JavaScript that probes your computer for vulnerable, out-of-date software. If any is found, the virus silently downloads in the background and begins to take over.

The second method of distribution is through social engineering. The victim is convinced to run an executable file because they’re attempting to obtain a piece of illicit software, bypass copyright protections, etc. For example, one lure the ZeroAccess creators have used in the past is an illegal copy of a popular game called Skyrim. The user attempts to download it, is prompted to open a Zip file, and the virus is installed, essentially with the user’s permission.

Initially, victims notice that computer processing slows to a crawl. Internet searches are re-directed to unrelated sites and pop-ups appear much more frequently during web browsing. Advanced forms of the virus have even been linked to information mining and financial fraud, with hackers gaining access to your personal information and performing identity theft.

According to SophosLabs’ research, hackers will pay up to $500 for every 1000 infected U.S. systems that a rootkit administrator can prove they’ve added to their botnet.

Defend yourself before you’re infected. Make sure all your browsers, plug-ins and operating systems are updated with the latest version of software. Out-of-date Firefox, Internet Explorer and Google Chrome, in addition to Adobe Flash, Acrobat and Java are prime targets of Blackhole exploit kits. Don’t give in to the temptation of downloading illegal software through sharing and torrent sites. Keep your anti-malware software current and run it often. Regular backups of your data and applications will allow you to more easily perform a re-format/re-install of your operating system if you become infected and are unable to remove the virus through conventional methods.

If you suspect you may be infected, contact a computer repair professional as quickly as possible. Not only does this virus open doors for other malware to enter your system undetected, but removal is extremely difficult. It is known to leave behind portions of itself and continue to haunt your computer if not removed properly.

Andrea is the celebrated and syndicated technology columnist for Scripps-Howard and regularly appears as a guest tech correspondent on ABC, NBC, FOX, and CBS on shows such as Good Day Sacramento, Good Morning Arizona and MORE Good Day Portland, offering viewers easy tips on technology, Internet lifestyle, and gadgets. Andrea is available for Q&As and expert tech quotes to reporters, and will even appear on your show, so call today! To see Andrea in action check her out at

About Nerds On Call
Established in a spare room in Redding, Calif., in March 2004, Nerds On Call offers on-site computer and electronic repair services to consumers and businesses. Nerds On Call provides troubleshooting for PCs and Macs, home and office networks, printers, iPods® and MP3 players, handheld devices and cell phones, home theaters and game systems, and virtually every other form of digital entertainment. In 2009, 2010 & 2011, the company was named to Inc. magazine’s list of the 5000 fastest-growing private companies. With 15 locations across California, Oregon, Washington, Arizona & South Dakota, Nerds On Call serves more than 40,000 satisfied customers per year. For more information, visit or call 1-800-919-NERD.
Source: Nerds On Call