TDSS

TDSS refers to a family of rootkits that target Windows operating systems.

TDSS rootkits are identified with many different names such as Alureon, Tidserv and TDSServ. The first rootkit of its kind was discovered in 2006, usually delivered when a Windows user unknowingly installs trojans from the web. It is often bundled with rogue security software (FakeAV products) as well.

Like other rootkits, it infects low-level system drivers in other to establish itself on the machine. From there it has been used for many illegal purposes, such as mining for data like credit card numbers, user names, passwords and other information that can be pulled from network traffic.

In order to protect itself, TDSS rookits generally block access to websites offering security products or updates for security products. They also block access to Microsoft's Windows Update service, protecting itself from the Malicious Software Removal Tool (MSRT) and also making sure an infected machine cannot be patched automatically against emerging vulnerabilities.

One incident in 2010 involving a TDSS rootkit made the headlines. Microsoft had pushed out an update that changed a hard-coded memory address that the rootkit used, and the result for the end user was an infamous Blue Screen of Death (BSOD). The Windows Update service will no longer deliver this update for systems infected with the rootkits.

The malware is used in the establishment of botnets, with Microsoft identifying it as the most prevalent of its kind in the area.

In June 2011, it was reported that the TDL-4 rootkit of the TDSS family had evolved to infect 64-bit versions of Windows (including Windows 7) by bypassing the Windows kernel mode code signing policy. It also its own anti-malware measures against rival malware such as ZeuS, Gbot and Optima, removing those infections from systems it compromised.

Another big leap for TDL-4 was to use the Kademlia P2P file sharing network for communications between infected nodes. This means a botnet it established can stay alive even if the command and control servers have been taken down through a legal route. In just three months, TDL-4 is reported to have infected over 4.5 million PCs.

Tools such as TDSSKiller can be used to detect and remove rootkits / bootkits from the TDSS variants.

Synonyms

Alureon
Tidserv
TDSServ

Glossary

Select a term to see the explanation

B
B Frames
B-CAS
B6I
Back Surround
Back Surround Channel
BackUP IFO
Bada
Bada 2.0
BAE-VX1000
Bandwidth
Basic Interoperable Scrambling System
BayTSP
BCA
BD
BD Java
BD+
BD-25
BD-50
BD-J
BD-Live
BD-R
BD-RE
BD-ROM
BDA
BDAV
BDMV
BDRip
BEREC
Bescherming Rechten Entertainment Industrie Nederland
Betacam
BetaCrypt 1
BetaCrypt 2
BetaMax
Betamax Case
BFF
Bidirectional Prediction
Big Champagne
Bill Shock
BIN/CUE Images
Bink
Bink Video
Birefringence
BISS
Bitmap
Bitrate
bitsetting
Bitstream
BitTorrent
Black Hat
Blindread
BlindWrite
Bloatware
Block
BlockAID
Blocking
Blu-Code
Blu-ray
Blu-ray Disc
Blu-ray Disc Association
Blu-ray Disc Audio/Visual
Blu-ray Disc Movie
Blu-ray Disc Recordable
Blu-ray re-writable
Blu-ray Read Only Memory
Blu-ray Region A
Blu-ray Region B
Blu-ray Region C
Blu-ray Region Codes
Bluetooth 3.0
BMI
BMP
Body of European Regulators of Electronic Communications
Bonus View
Book A
Book B
Book C
Book D
Book E
BookType
Bootlegs
Bot Herders
Botnet
Bots
Bottom Field First
BPI
bps
BredoLab
BREIN
British Phonographic Industry
British Phonographic Industry
Broadcast Flag
Broadcast Music Incorporated
Browser Choice
BRrip
BS Conditional Access Systems
BSA
BT5
BT6
BUP
Burst Cutting Area
Business Software Alliance
BWA
BWS
BWT
bz2
bzip2

G
G.722.2
Game Developers Conference
Gamma Correction
GB
Gbit
Gbyte
GDC
General Hardware-Oriented System Transfer
General Purpose Graphics Processing Unit
GHO
Ghost
GHS
GiB
Gibibit
Gibibyte
Gibit
GIF
Gigabit
Gigabyte
gigaFLOPS
gigibyte
Global Motion Compensation
Global System for Mobile Communication
GMC
GodMode
Gold Farming
Golden Joysticks
Google TV
GOP
GPGPU
GPRS
GPU
Grace Period Profile
Graphics Interchange Format
Graphics Processing Unit
Griffin
Group Of Pictures
Gruvi
GSM
GSM 800
gsm 850
GSM 900
GSM Association
GSMA
GSMA Mobile World Congress
GUI

O
O&O DiskImage
ODB
ODF
ODG
ODP
ODS
ODT
OEM
Ofcom
Ogg
Ogg Media
Ogg Tarkin
Ogg Theora
Ogg Vorbis
OGM
OHA
OMA
OMG
OmniCrypt
On The Fly
on the fly encryption
Online Copyright Infringement Liability Limitation Act
Open Captions
Open FastTrack
Open Graphics Library
Open Handset Alliance
Open Rights Group
OpenDocumentFormat
OpenFT
OpenGL
OpenMG
Opposite Track Path
OptimFROG
OptimFROG DualStream
ORG
Original Equipment Manufacturer
OTA

T
T (Teen)
T-Crypt
Table Of Contents
Taiyo Yuden
TAO
TB
Tbit
Tbyte
TC
TDSS
TDSServ
Tebibit
Tebibyte
Telecide
Telecine
Temporal Key Integrity Protocol
Terabit
Terabyte
teraFLOPS
Tethering
TF
ThalesCrypt
THD
The Independent Game developer Association
The Onion Router
Theora
Third Generation Partnership Project 2
THX
Tianhe-1A
TiB
TIB (format)
Tibit
Tidserv
TIGA
Time Shifting
Time to Live
Titan
Title
TiVo
TKIP
TMDS
TOC
Tomlinson Holman's eXperiment
Top Field First
TOR
Torrent
Total HD
Total Hi Defintion Disc
TouchWiz
TouchWiz 3.0
TouchWiz 4.0
TouchWiz UX
TPS-Crypt
Track
Tracker
Track_At_Once
Transcoding
TransFlash
Transition Minimized Differential Signaling
Triple play
True Audio
True Cinema
TrueImage
TrustedFlash
TTA
TTL
TurboCore
TV Line
TV Lines per Picture Height
TV-RIP
TwinVQ
TY
Type 1 DV
Type 2 DV

File extensions

Select a file extension to see its definition

TDSS

Synonyms

Glossary

File extensions

Sections:

Follow us: