The piece of malware known as ZeroAccess is currently present on over 1 million computers spread throughout almost 200 countries worldwide. Even worse, the threat has so far been installed more than 9 million times on the devices of unsuspecting internet users.
If you think that 9 million is a scary number, you should also know that the total number of installs reached this limit in just a couple of months.
Considering the scale of the threat, Sophos researchers published a detailed paper on ZeroAccess and its evildoings.
ZeroAccess generates a profit for its masters with the aid of a peer-to-peer network that is utilized to download malicious plugins. These components are capable of carrying out diverse tasks that help the criminals make tons of money.
According to experts, cybercriminals can earn as much as $100,000 (80,000 EUR) per day if the botnet is operating at maximum capacity.
After monitoring the threat for a period of two months, Sophos was able to pinpoint the locations of the infected machines. Apparently, the malware has managed to infect computers in places we’d least expect, such as Kiribati and various other islands in the middle of the Pacific Ocean.
However, most of the infected machines appear to be in the United States (55%), Canada, United Kingdom, Germany, Turkey, Spain, France, Austria, Italy and Japan.
“We have also reverse-engineered the mechanisms by which the ZeroAccess owners keep tabs on the botnet, and discovered an array of techniques used that are designed to bury the call-home network communications in legitimate-seeming traffic,” James Wyke, senior threat researcher at SophosLabs, explained.
In order to avoid becoming victims of ZeroAccess and contributing to the cybercrooks’ hefty income, users must be aware of what they install and what websites they visit. We recommend caution while surfing the Web and a reliable antivirus solution that can keep you out of harm’s way.