OverwriteMBR is a custom threat that has so far been detected in just one place: an online forum used to share cheats for various games. It is promoted as a cheating tool for the popular online game Counter-Strike: Global Offensive. By using cheats, players can gain an unfair advantage over their competitors, making it easier for them to win. It is very likely that the author of the fake cheat is a disgruntled player who wants to punish the cheaters who ruin his games. A forum user who opts to download the cheat is presented with a ‘.sln’ file that must be launched to load the cheat into the game. What users don’t know is that this file includes a snippet of code that connects to a remote server and downloads a file called ‘fuck_mpgh.exe’. The script is also programmed to launch the program automatically as soon as the download is finished. All of these processes happen in the background, and the user is not notified of what is about to happen.
When the executable file is launched, it does just one thing: it overwrites the Master Boot Record (MBR) so that the user’s operating system will not boot the next time the computer is turned on. The MBR isn’t just purged; it is replaced with a custom piece of text that states the following:
‘Multiplayer Game Hacking
As you reboot, you find that something has overwritten your MBR!
It is a sad thing your adventures have ended here.
This is the result of the incompetent file analyzers from MPGH.
If you need cheats, use something else than MPGH.
Greetings from ULLR.’
Apparently, the author is against the MPGH hacking forum used to share cheats, and he blames its administrators for failing to detect that his cheat is, in fact, a tool used to download a harmful payload. Threats like OverwriteMBR can turn out to be a major annoyance if they are not stopped in time, which is why it is very important to make sure that your computer has sufficient protection against cyber threats. The best way to keep your computer and files safe is to use a reputable anti-malware solution that offers both active and passive protection against threats.
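For triage of a machine hit by a threat of this kind, the added example below (not code from the original article or from the sample) parses a 512-byte dump of the first disk sector, checks the boot signature and partition table, and pulls out any text left in the boot-code area. The layout of the overwritten sector and all helper names are assumptions constructed for the demonstration.

```python
import re
import struct

PT_OFFSET = 446          # 446 bytes of boot code precede the partition table
BOOT_SIG = b"\x55\xaa"   # last two bytes of a valid MBR

def build_sector(boot: bytes, entries=()) -> bytes:
    """Constructed test input: boot code + up to 4 entries + signature."""
    table = b"".join(entries).ljust(64, b"\x00")
    return boot.ljust(PT_OFFSET, b"\x00") + table + BOOT_SIG

def inspect_mbr(sector: bytes) -> dict:
    """Parse a 512-byte MBR dump and list anomalies for the analyst."""
    if len(sector) != 512:
        raise ValueError("expected exactly 512 bytes")
    findings, partitions = [], []
    if sector[510:512] != BOOT_SIG:
        findings.append("boot signature 0x55AA missing")
    for i in range(4):
        entry = sector[PT_OFFSET + 16 * i:PT_OFFSET + 16 * (i + 1)]
        if entry == bytes(16):
            continue  # unused slot
        status, ptype = entry[0], entry[4]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if status not in (0x00, 0x80):
            findings.append(f"entry {i}: invalid status byte 0x{status:02x}")
        partitions.append({"type": ptype, "lba_start": lba_start, "sectors": count})
    if not partitions:
        findings.append("partition table is empty")
    # Printable runs in the boot-code area. Stock boot code also carries short
    # error messages, so these are reported for review, not flagged by themselves.
    strings = [s.decode("ascii")
               for s in re.findall(rb"[\x20-\x7e]{12,}", sector[:PT_OFFSET])]
    return {"findings": findings, "partitions": partitions, "strings": strings}

# Constructed samples (assumptions, not dumps from a real infection).
NTFS_ENTRY = struct.pack("<B3sB3sII", 0x80, b"\x20\x21\x00", 0x07,
                         b"\xfe\xff\xff", 2048, 1_000_000)
HEALTHY = build_sector(b"\xfa\xfc" + b"Missing operating system", [NTFS_ENTRY])
NOTE = b"As you reboot, you find that something has overwritten your MBR!"
OVERWRITTEN = build_sector(NOTE)  # text where boot code was, table zeroed

if __name__ == "__main__":
    for name, dump in (("healthy", HEALTHY), ("overwritten", OVERWRITTEN)):
        print(name, inspect_mbr(dump))
```

In practice the input would be the first 512 bytes of a forensic disk image rather than the constructed samples.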