877.791.9571 |

About the Author:

Aleksandr Matrosov is a Senior Malware Researcher at ESET. He is also a Lecturer at the Cryptology and Discrete Mathematics at National Nuclear Research University MEPh. He specializes in the analysis of malicious threats and cybercrime activity.

Eugene Rodionov is a malware researcher for ESET. Rodionov also holds the position of Lecturer at the National Nuclear Research University MEPhI in Russia. His interests include kernel-mode programming, anti-rootkit technologies, reverse engineering and cryptology.

David Harley is a Senior Research Fellow at ESET. He is a Director of the Anti-Malware Testing Standards Organization, Chief Operations Officer at AVIEN, and CEO of Small Blue-Green World. He is a Fellow of the BCS Institute and holds qualifications in security management, service management (ITIL), BSI security audit and medical informatics.

TDSS part 3: Bootkit on the Other Foot

Introduction
In this final article in this series, we will describe the process of loading the bootkit previously discussed in “TDSS part 1: the x64 Dollar Question” and “TDSS part […]

TDSS part 2: Ifs and Bots

Introduction
In our previous Infosec Institute article, “TDSS part 1: the x64 Dollar Question”, we looked at the distribution and installation mechanisms used by TDL4. For the second part of […]

TDSS part 1: The x64 Dollar Question

Introduction
In the two years since the Win32/Olmarik family of malware programs (also known as TDSS, TDL and Alureon) started to evolve, its authors have implemented a notably sophisticated mechanism […]