New computer virus variant revealed that can destroy itself when detected

According to security researchers at Cisco, a new type of malware called Rombertik has just been discovered that can destroy important data stored on Windows systems in the Master Boot Record.

Researchers at security firm Cisco found that this latest virus variant can self-destruct to avoid being "caught" once virus analysis applications detect it.


According to security researchers at Cisco, a new type of malware called Rombertik has been discovered that can destroy important data stored on Windows systems in the Master Boot Record (a key component of the hard drive that also stores the disk's partition information), causing the machine to reboot several times, in order to escape detection by virus and malware analysis tools. When the Master Boot Record is damaged, recovering data from the hard drive also becomes harder than ever before.

The Master Boot Record begins with executable code that runs before the operating system boots. Once Rombertik has overwritten the Master Boot Record, the machine displays the message "Carbon crack attempt, failed" and then enters an infinite loop that prevents the system from continuing to boot properly.

No matter how many times the user restarts, the screen keeps displaying this text until the computer is reinstalled.
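As an added example (not from the original article or from Cisco's analysis), the following Python code shows how a responder could triage a 512-byte MBR sector copied from a disk image: it checks the boot signature, parses the partition table, and searches the boot code area for the message quoted above. It assumes the classic MBR layout (446 bytes of boot code, four 16-byte partition entries, a 0x55AA signature); the function names and both sample sectors are constructed for illustration.

```python
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446                 # boot code occupies bytes 0-445
BOOT_SIGNATURE = b"\x55\xaa"       # bytes 510-511 of a valid MBR
ENTRY = struct.Struct("<B3xB3xII") # status, CHS, type, CHS, start LBA, sector count
MARKER = b"Carbon crack attempt, failed"  # message quoted in the article


def triage_mbr(sector: bytes) -> dict:
    """Read-only inspection of one 512-byte MBR sector taken from a disk image."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR sector is exactly 512 bytes")
    partitions = []
    for slot in range(4):
        status, ptype, start, count = ENTRY.unpack_from(sector, TABLE_OFFSET + 16 * slot)
        if ptype != 0x00:          # type 0x00 marks an unused slot
            partitions.append({"slot": slot, "bootable": status == 0x80,
                               "type": ptype, "start_lba": start, "sectors": count})
    return {
        "signature_ok": sector[510:512] == BOOT_SIGNATURE,
        "marker_found": MARKER in sector[:TABLE_OFFSET],
        "partitions": partitions,
    }


def build_sample(boot_code: bytes, entries: list) -> bytes:
    """Constructed test data: assemble a sector from boot code and table entries."""
    table = b"".join(ENTRY.pack(*e) for e in entries).ljust(64, b"\x00")
    return boot_code.ljust(TABLE_OFFSET, b"\x00") + table + BOOT_SIGNATURE


# Both sectors are constructed for this example; neither is a real sample.
HEALTHY = build_sample(b"\xfa\x33\xc0", [(0x80, 0x07, 2048, 204800)])
OVERWRITTEN = build_sample(b"\x00" * 16 + MARKER, [])

if __name__ == "__main__":
    # For a real image: sector = open("disk.img", "rb").read(512)
    for name, sector in (("healthy", HEALTHY), ("overwritten", OVERWRITTEN)):
        print(name, triage_mbr(sector))
```

A sector that still carries a valid signature but contains the marker text and no usable partition entries is a strong reason to image the disk before attempting any repair.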


This new type of malware can also trick researchers' sandbox tools by writing a random byte of data to system memory more than 960 million times in succession.

Security expert Graham Cluley said that self-destructing software like Rombertik is quite rare, because today's malware never wants to get noticed: its main goal is to silently "steal" users' valuable information over a long period.

According to Cisco, Rombertik may spread widely through spam and phishing messages sent to victims, which entice users to download and extract malicious attachments.

Once installed and spread on the user's computer, Rombertik steals the user's login and personal data whenever the user accesses any website, then sends this data to the attacker.
