New Secret Malware Wipes Your Hard Drive After Infection to Prevent Analysis

May 1st 2015 - by Fix My PC FREE in: Blog PC Protection News | 0 Comment

ATTENTION, PLEASE!

Malware may reinstall itself multiple times if you don't delete its core files. This may require tracking down dozens of files in different locations.

We recommend downloading Advanced System Repair to eradicate Malware for you (it should cut down the time to about 15 minutes).

>> Download Advanced System Repair <<
New Secret Malware Wipes Your Hard Drive After Infection to Prevent Analysis

The best criminals leave no evidence. And just like the best criminals, the best viruses wipe the slate clean after an infection.

Such is the case with a new secretive malware that is taking “extraordinary measures” to avoid detection and analysis. That new malware deletes all hard drive data and renders computers inoperable after an infection.

The malware has been called “Rombertik” and is a complex piece of software that indiscriminately collects all the data you transfer to and from the internet – including your passwords, usernames, and other sensitive data.

How To Avoid the Dangerous New Malware

The malware is reportedly spread through malicious email attachments.

After clicking on a malicious email attachment, the malware is automatically installed.

The next time you receive a mysterious email with a vaguely-named attachment, don’t open it right away – even if it’s from a trusted contact. Delete it if it’s from someone you don’t know. If it’s from someone you know, email them back asking to confirm they sent it to you and that it’s something important.

rombertik 2

If you can do these basic steps, then you’ll not only avoid the Rombertik virus, but you’ll also avoid most modern PC viruses and infections.

Malware Self-Destructs Itself and your Hard Drive After Infection

The malware takes some surprising steps after infecting your PC. Researchers at Cisco Systems’ Talos Group reverse engineered the virus and found that the virus contains “multiple levels of obfuscation and anti-analysis functions”.

rombertik 3

These functions appear to be implemented exclusively to prevent researchers from analyzing the virus.

Amazingly enough, the active .exe file in Rombertik will actually destroy itself if it detects that someone is looking at it.

Making matters worse is when that .exe file self-destructs, it brings down the entire hard drive with it.

The anti-analysis tools are equally as unique. The Rombertik virus will write a byte of random data to the computer’s memory 960 million times. The resulting delay can trip up sandbox tools while also preventing researchers from tracking the exact location of the virus’s work.

rombertik

In the original Cisco blog post, the team said,

“If an analysis tool attempted to log all of the 960 million write instructions, the log would grow to over 100 gigabytes. Even if the analysis environment was capable of handling a log that large, it would take over 25 minutes just to write that much data to a typical hard drive. This complicates analysis.”

In other words, we’re dealing with a virus made by some evil genius. If today’s top security researchers can’t crack it, then you better home this thing doesn’t infect your PC.

Stay tuned to FixMyPCFree.com to stay updated on this lethal new Rombertik virus!

Source: Cisco.com

No Comment

Leave a Reply

Name Required

Website