The TDSS rootkit burst on the scene in 2008 and quickly earned the begrudging respect of security experts for its long list of highly advanced features. It is virtually undetectable by antivirus software, and its use of low-level instructions makes it extremely hard for researchers to conduct reconnaissance on it. A built-in encryption scheme prevents network monitoring tools from intercepting communications sent between control servers and infected machines.The amount of talent that it takes to make this does not come cheap. That talent used to gravitate to the security defenders - to little startups like the ones I used to haunt. There's no money there now.
But there's a boatload of money in the malware business. Thank you