drjbhl
Ramblings of an old Doc
Rombertik–A new nightmare.
Published on May 5, 2015 By DrJBHL In Personal Computing

 

Virus analysts are having a nightmare with this one as it self destructs when it detects efforts at analysis.

“Security researchers at Cisco have published new research on a malware, named Rombertik, which will go out of its way to avoid getting analyzed by deleting essential data in the Windows system file called the Master Boot Record (MBR) sending the computer into an endless reboot loop.

The malware also attempts to fool the researchers' sandboxing tools by writing a random byte of data to the system's memory over 960 million times.” – Neowin

The virus appears to be stupid (apart from that part above) since it steals random info like logons and personal data, but it doesn’t maintain its cover…which is the goal of most spyware: It hooks into your browser taking your info from websites and forms you fill out. It is transmitted through emails with attachments which appear to be some sort of pdf but which is actually a .scr screensaver executable which contains the virus.

If you wish to learn more about it, go here: http://blogs.cisco.com/security/talos/rombertik

Source:

http://www.neowin.net/news/a-new-virus-will-self-destruct-when-analyzed-by-researchers


Popular Articles in this Category
Safe and free software download sites for windows
Keep an Eye Out!
A new and more functional PC Manager widget from MS
Popular Articles from DrJBHL
Safe and free software download sites for windows
A new and more functional PC Manager widget from MS
Comments
1
Hankers
on May 05, 2015

Nasty stuff.

2
bluedxca93
on May 05, 2015

Patching MBR is so old for viruses.Thinking that UEFI would make this harder is false.

Since uefi loads also the windows or other boot manager from disk and then we have the good old mbr!! .

And well its like a sucessor of the old Stoned-Virus for dos  ...

3
DrJBHL
on May 05, 2015

Actually, this one is more like Dyer, only not specifically for banking info and in addition its defensive modules which are quite sophisticated.

4
ElanaAhova
on May 05, 2015

Will it never end?  Do we need to sat up cyber walls at the 'border?'

5
WOM
on May 06, 2015

Always something.

6
bluedxca93
on May 08, 2015

WOM
reply 5

Always something.

Yeah,

i bet there would be always viruses. 

Viruses are small and our internet gets faster, so they can even get bigger. 

Its not important if viruses are there or not, and  the problem is coming from the user itself  in some cases.But hope there  won`t be  real nasty viruses stealing personal data or wiping the disc in future. These programs are absolutely not funny.

If you really want to use the internet excessivly and are having viruses every second , i guess   its recommended to use a system like linux or free bsd, even better a browser you did modify<a bit yourself and all of that on a vm on a cheap laptop through a vpn using a proxy. guess no one  has the time to do that, but well even then you can attack bash and the kernel or X-Server.

 

regards bluedxca93

 

 

 

 

Meta
Views
» 14932
Comments
» 6
Category
» Personal Computing
Comment
Recent Article Comments
Let's see your political mem...
LightStar Design Windowblind...
Let's start a New Jammin Thr...
A day in the Life of Odditie...
Safe and free software downl...
Veterans Day
A new and more functional PC...
Post your joy
AI Art Thread: 2022
WD Black Internal and Extern...
Sponsored Links
Terms of Service Privacy Policy About Us Contact Us Stardock.com
© 2024 Stardock Corporation. All rights reserved.
JoeUser v1.0.0.0