Necurs is a kernel mode driver best known at the moment for being used by Gameover Zeus (GOZ) to hinder attempts to detect and remove the malware. The technical details of the Necurs driver have already been exhaustively covered in a writeup by Peter Ferrie, but during our analysis we came across some interesting details of Necur's gradual uptake as a 'crimeware for sale' module.
read more.......http://www.f-secure.com/weblog/archives/00002717.html
read more.......http://www.f-secure.com/weblog/archives/00002717.html