Ace from our Kuala Lumpur lab has written a technical white paper on the internals of the highly advanced TDL3 trojan. The paper goes deep into the features of this advanced backdoor/rootkit.



You can download "The Case of Trojan DownLoader TDL3" from here [2MB PDF file].

In some ways, TDL3 is similar to the infamous Mebroot rootkit. For a thorough discussion on Mebroot, see our presentation from 2008.