Most malware authors take steps to make their creations hard to understand. With patience and endurance, researchers are often able to pierce the veil, anyway. Giuseppe Bonfa published a detailed analysis of a piece of malware known as ZeroAccess. Bonfa made his research public in a four-part series that analyzes various aspects of ZeroAccess, including the rootkit s criminal origins and tools it uses to maintain a hold on computers it infects even after the operating system on those machines has been completely removed and reinstalled.
Source: https://threatpost.com/image-day-dissecting-zeroaccess-crimeware-111510/74675/

