Microsoft observed a precipitous drop-off in click-traffic on their “extended publishing network,” which they claim reflects a similar drop-off in click-fraud, as a result of the actions they have taken to stymie ZeroAccess, according to Microsoft Malware Protection Center researchers Tommy Blizard and Nikola Livic.

The ZeroAccess rootkit isn’t the most well-known or closely watched piece of malware in recent history, but, as an extremely detailed new analysis of the program shows, it is a perfect example of the kind of sophisticated malware that attack crews are using to maintain persistent, silent access to compromised machines.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.