Revealing a new variant of computer virus can destroy itself when detected

The latest virus variant has been discovered by researchers from Cisco security firm to be able to self-destruct to avoid being "caught up" after virus analysis applications discover them.

Download Bkav Pro Internet Security

According to security researchers at Cisco, a new type of malware called Rombertik has been discovered that can destroy itself important data stored in Windows system files on the Master Boot Record ( A key component of the hard drive and a storage partition for disk information ), causing the machine to reboot several times to escape detection of virus and malware analysis tools. At the same time, when the Master Boot Record fails, it will make it harder to recover data on the hard drive than ever before.

The Master Boot Record starts with the executable code before the operating system is booted. When the Master Boot Record is overwritten by Rombertik, it will display the " Carbon crack attempt, failed " command and then put the user in an infinite loop to prevent the system from continuing to boot properly.

No matter how many times the user restarts, the screen will still display the text until the computer is reinstalled.

This new type of malware can also trick researchers' sandbox tools by writing a random data byte and moving it to system memory more than 960 million times. continuity.

Security expert Graham Cluley said the type of self-destruct software like Rombertik is quite rare because today's malware never wants to get noticed because its main goal is to silently "steal" information. precious information of users for a long time.

Cisco-defined Rombertik may appear a lot through spam and phishing messages sent to victims, enticing users to download and extract malicious attachments.

Once installed and spread on the user's computer, Rombertik malware will steal the user's login and personal data when accessing any website before sending this data to the attacker.