Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

Are YOU at risk from Rombertik? Terrifying 'suicide bomber' malware can destroy your computer if it thinks you've detected it.

  • Nicknamed Rombertik, the malware is designed to intercept text
  • Is being spread through spam and phishing messages
  • If it detects it has been spotted, Rombertik tries destroy the computer

Security experts have issued a major alert over a new type of Malware that can cripple a Computer if it is detected during security checks.

The malware, nicknamed Rombertik by Cisco Systems, is designed to intercept any plain text entered into a browser window.

It is being spread through spam and phishing messages, according to Cisco's Talos Group blog on Monday.

Once a user has downloaded it by clicking on a link, Rombertik goes through several checks once it is up and running on a Windows computer to see if it has been detected.

However, unlike other software, Rombertik can try and destroy the computer.

The malware 'is unique in that it actively attempts to destroy the computer if it detects certain attributes associated with malware analysis,' wrote Ben Baker and Alex Chiu of the Talos Group.

HOW IT DESTROYS COMPUTERS

  • Rombertik first takes aim at the Master Boot Record (MBR), the first sector of a PC's hard drive that the computer looks to before loading the operating system.
  • If it doesn't have access to the MBR, it effectively destroys all of the files in a user's home folder by encrypting each with a random RC4 key.
  • Once either the MBR or the home folder has been encrypted, the computer restarts.
  • The MBR then enters an infinite loop that stops from computer from rebooting.
  • The screen reads 'Carbon crack attempt, failed.'


This post first appeared on Download, please read the originial post: here

Share the post

Are YOU at risk from Rombertik? Terrifying 'suicide bomber' malware can destroy your computer if it thinks you've detected it.

×

Subscribe to Download

Get updates delivered right to your inbox!

Thank you for your subscription

×