TDSS

GPTKB entity

Statements (51)
Predicate Object
gptkbp:instanceOf rootkit
gptkbp:affects gptkb:Windows_8
gptkb:Windows_7
gptkb:Windows_Vista
gptkb:Windows_XP
Windows Server editions
gptkbp:alsoKnownAs Alureon
TLD4
Tidserv
gptkbp:category Trojan
Rootkit
Bootkit
gptkbp:developedBy unknown cybercriminals
gptkbp:discoveredBy 2008
gptkbp:distributedBy malicious downloads
malicious email attachments
exploit kits
drive-by downloads
https://www.w3.org/2000/01/rdf-schema#label TDSS
gptkbp:notableFeature can block access to security websites
can bypass antivirus software
can communicate with command and control servers
can create a botnet
can disable security software
can download and execute arbitrary files
can hide files and registry entries
can inject code into system processes
can install rogue security software
can modify DNS settings
can redirect search engine results
can steal login credentials
can update itself
can use encrypted communication channels
difficult to detect and remove
infects Master Boot Record (MBR)
uses advanced rootkit techniques
gptkbp:notableVariant TDL-1
TDL-2
TDL-3
TDL-4
gptkbp:platform gptkb:Microsoft_Windows
gptkbp:primaryUse steal information
download additional malware
hide presence of malware
redirect web traffic
gptkbp:removes Kaspersky TDSSKiller
Malwarebytes Anti-Rootkit
gptkbp:usesMalware rootkit
bootkit
gptkbp:bfsParent gptkb:Sloan_Digital_Sky_Survey_(SDSS)
gptkbp:bfsLayer 6