The ZeroAccess Botnet Visualized on Google Earth
F-Secure has posted an impressive map of the ZeroAccess botnet as it spreads across North America and Europe.
According to the security firm, ZeroAccess has infected millions of computers globally and the KML files for Google earth currently show only 139,447 bot locations in the two provided screenshots. F-Secure is providing the KML as well as CSV files for download.
ZeroAccess is a fast spreading botnet that is based on a kernel-mode rootkit that runs on 32-bit and 64-bit Windows systems and acts as a delivery platform for other malware. The main infection technique is to tricking users on social platforms into running an executable file, often under the promise of free software. Sophos published a detailed description of ZeroAccess and the way it works.