• No events
AEC v1.0.4

Cyber Security Info

Rootkit Necrus added to Zeus variant

March 5, 2014

Share Button

Sophos analyzed a new variant of malware Gameover, a widespread variant of Zeus botnet. The new verion not only injects itself to the systém processes but also includes rootkit called Necros. Necros is installed as a kernel driver to make removal attempts more difficult. Gameover also now includes a new way to avoid detectionby adding specific binary data to hamper checksum-based file detection.

Share Button