Revealing a new variant of computer virus can destroy itself when detected
The latest virus variant has been discovered by researchers from Cisco security firm to be able to self-destruct to avoid being "caught up" after virus analysis applications discover them.
Download Bkav Pro Internet Security
According to security researchers at Cisco, a new type of malware called Rombertik has been discovered that can destroy itself important data stored in Windows system files on the Master Boot Record ( A key component of the hard drive and a storage partition for disk information ), causing the machine to reboot several times to escape detection of virus and malware analysis tools. At the same time, when the Master Boot Record fails, it will make it harder to recover data on the hard drive than ever before.
The Master Boot Record starts with the executable code before the operating system is booted. When the Master Boot Record is overwritten by Rombertik, it will display the " Carbon crack attempt, failed " command and then put the user in an infinite loop to prevent the system from continuing to boot properly.
No matter how many times the user restarts, the screen will still display the text until the computer is reinstalled.
This new type of malware can also trick researchers' sandbox tools by writing a random data byte and moving it to system memory more than 960 million times. continuity.
Security expert Graham Cluley said the type of self-destruct software like Rombertik is quite rare because today's malware never wants to get noticed because its main goal is to silently "steal" information. precious information of users for a long time.
Cisco-defined Rombertik may appear a lot through spam and phishing messages sent to victims, enticing users to download and extract malicious attachments.
Once installed and spread on the user's computer, Rombertik malware will steal the user's login and personal data when accessing any website before sending this data to the attacker.
You should read it
- How to restore Master Boot Record in Windows 10
- Rombertik malware appears to attack hard drive and delete MBR
- What is the Master Boot Code?
- What is the Master Partition Table?
- Instructions for creating USB Multiboot start multiple operating systems
- 7 Cisco security tips
- 10 commands to master when working with Cisco IOS
- How to install dual boot Windows 10 and Windows Server
- What is a Volume Boot Record (VBR)?
- The new worm 'slips' Microsoft's WGA software
- How to use PuTTY on Cisco routers and switches
- Detects Zero-Day vulnerabilities on Windows PC operating systems that allow administrative rights
Maybe you are interested
This Simple Android App Proves Anything Can Contain Malware
BadBox Malware Is Picking Up Speed, Targeting Certain Android Devices
Warning of new dangerous malware attack campaign targeting Linux
Downloaded malware? Try these fixes before factory reset!
SteelFox Trojan: Malware Turns PCs Into Cryptocurrency Mining Zombies
Remcos Alert: Ingenious Excel Phishing Campaign Spreading Dangerous Fileless Malware