翻訳と辞書 |
ZeroAccess botnet : ウィキペディア英語版 | ZeroAccess, also known as Max++ and/or Sirefef, is Trojan horse computer malware that affects Microsoft Windows operating systems. It is used to download other malware on an infected machine from a botnet mostly involved in bitcoin mining and click fraud, while remaining hidden on a system using rootkit techniques.== History and propagation ==The ZeroAccess botnet was discovered at least around May 2011.(Monthly Malware Statistics, May 2011 (''Securelist'') ) The ZeroAccess rootkit responsible for the botnet's spread is estimated to have been present on at least 9 million systems. Estimates of the size of the botnet vary across sources; antivirus vendor Sophos estimated the botnet size at around 1 million active and infected machines in the third quarter of 2012, and security firm Kindsight estimated 2.2 million infected and active systems.The bot itself is spread through the ZeroAccess rootkit through a variety of attack vectors. One attack vector is a form of social engineering, where a user is persuaded to execute malicious code either by disguising it as a legitimate file, or including it hidden as an additional payload in an executable which announces itself as, for example, bypassing copyright protection (a keygen). A second attack vector utilizes an advertising network in order to have the user click on an advertisement that redirects them to a site hosting the malicious software itself. A third infection vector used is an affiliate scheme where third party persons are paid for installing the rootkit on a system.In December 2013 a coalition led by Microsoft moved to destroy the command and control network for the botnet. The attack was ineffective though because not all C&C were seized, and its peer-to-peer command and control component was unaffected - meaning the botnet could still be updated at will. ZeroAccess, also known as Max++ and/or Sirefef, is Trojan horse computer malware that affects Microsoft Windows operating systems. It is used to download other malware on an infected machine from a botnet mostly involved in bitcoin mining and click fraud, while remaining hidden on a system using rootkit techniques. == History and propagation == The ZeroAccess botnet was discovered at least around May 2011.〔(Monthly Malware Statistics, May 2011 (''Securelist'') )〕 The ZeroAccess rootkit responsible for the botnet's spread is estimated to have been present on at least 9 million systems. Estimates of the size of the botnet vary across sources; antivirus vendor Sophos estimated the botnet size at around 1 million active and infected machines in the third quarter of 2012, and security firm Kindsight estimated 2.2 million infected and active systems. The bot itself is spread through the ZeroAccess rootkit through a variety of attack vectors. One attack vector is a form of social engineering, where a user is persuaded to execute malicious code either by disguising it as a legitimate file, or including it hidden as an additional payload in an executable which announces itself as, for example, bypassing copyright protection (a keygen). A second attack vector utilizes an advertising network in order to have the user click on an advertisement that redirects them to a site hosting the malicious software itself. A third infection vector used is an affiliate scheme where third party persons are paid for installing the rootkit on a system. In December 2013 a coalition led by Microsoft moved to destroy the command and control network for the botnet. The attack was ineffective though because not all C&C were seized, and its peer-to-peer command and control component was unaffected - meaning the botnet could still be updated at will.
抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「ZeroAccess, also known as Max++ and/or Sirefef, is Trojan horse computer malware that affects Microsoft Windows operating systems. It is used to download other malware on an infected machine from a botnet mostly involved in bitcoin mining and click fraud, while remaining hidden on a system using rootkit techniques.== History and propagation ==The ZeroAccess botnet was discovered at least around May 2011.(Monthly Malware Statistics, May 2011 (''Securelist'') ) The ZeroAccess rootkit responsible for the botnet's spread is estimated to have been present on at least 9 million systems. Estimates of the size of the botnet vary across sources; antivirus vendor Sophos estimated the botnet size at around 1 million active and infected machines in the third quarter of 2012, and security firm Kindsight estimated 2.2 million infected and active systems.The bot itself is spread through the ZeroAccess rootkit through a variety of attack vectors. One attack vector is a form of social engineering, where a user is persuaded to execute malicious code either by disguising it as a legitimate file, or including it hidden as an additional payload in an executable which announces itself as, for example, bypassing copyright protection (a keygen). A second attack vector utilizes an advertising network in order to have the user click on an advertisement that redirects them to a site hosting the malicious software itself. A third infection vector used is an affiliate scheme where third party persons are paid for installing the rootkit on a system.In December 2013 a coalition led by Microsoft moved to destroy the command and control network for the botnet. The attack was ineffective though because not all C&C were seized, and its peer-to-peer command and control component was unaffected - meaning the botnet could still be updated at will.」の詳細全文を読む
スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース |
Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.
|
|