Antivirus champion Kaspersky Lab describes the TDSS malware as the ‘most powerful and complex rootkit to date’. It infects drivers, which ensures that it will be launched almost immediately the operating system is started. Consequently, it is extremely difficult to detect and remove this rootkit. TDSS is spread via an affiliate program: affiliates earn money according to the number of computers they infect; the highest payment is made for machines located in the US. Botnets managed using TDSS, and consisting of approx. 20,000 infected machines, are sold on the black market. The botnets’ command and control centers are located in China, Luxembourg, Hong Kong, Holland, and Russia, Kaspersky Lab reports: it estimates that around 3 million computers have been infected by the rootkit. Check-out this excellent and accessible article by Kaspersky Lab boffins Sergey Golovanov and Vyacheslav Rusakov, that looks at the technologies implemented in TDSS, the way in which the rootkit spreads, and how cyber criminals profit from this malware, that provides an engaging insight into how this pesky code inveigles its way onto our unsuspecting PCs.