Breaking News

COLORFUL Introduces iGame Shadow II Series DDR5 Memory TerraMaster Launches D1 SSD Plus ASUS Announces Late-August Availability of ProArt Display 6K PA32QCV ASRock Announces Exciting New AMD X870E motherboards ASUSTOR 30 TB Ironwolf Pro Now Officially Supported

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Cisco Identifies Virus That Kills Off PCs

Cisco Identifies Virus That Kills Off PCs

PC components May 5,2015 0

Researchers have discovered "Rombertik," a computer virus that tries to avoid detection by making the computer it infects unusable. Once it's triggered, the virus deletes key files on a computer, making it constantly restart. On Windows machines where it goes unnoticed, the malware steals login data and other confidential information.

According to Talos, Romberik is a complex piece of malware that is designed to hook into the user’s browser to read credentials and other sensitive information for exfiltration to an attacker controlled server.

Rombertik has been identified to propagate via spam and phishing messages sent to would-be victims. Like other spam and phishing campaigns, attackers use social engineering tactics to entice users to download, unzip, and open the attachments that ultimately result in the user’s compromise.

The process by which Rombertik compromises the target system is a fairly complex with anti-analysis checks in place to prevent static and dynamic analysis. Upon execution, Rombertik will stall and then run through a first set of anti-analysis checks to see if it is running within a sandbox. Once these checks are complete, Rombertik will proceed to decrypt and install itself on the victims computer to maintain persistence. After installation, it will then launch a second copy of itself and overwrite the second copy with the malware’s core functionality. Before Rombertik begins the process of spying on users, Rombertik will perform once last check to ensure it is not being analyzed in memory. If this check fails, Rombertik will attempt to destroy the Master Boot Record and restart the computer to render it unusable.

The malware "indiscriminately" steals data entered by victims on any website, the researchers said.

Good security practices, such as making sure anti-virus software is installed and kept up-to-date, not clicking on attachments from unknown senders, and ensuring robust security policies are in place for email (such as blocking certain attachment types) can go a long way when it comes to protecting users.

Tags: Virus
Previous Post
Samsung Delivers Faster Speeds With New PRO Plus and EVO Plus Memory Cards
Next Post
Intel Xeon E7 v3 Processor Series Debuts

Related Posts

  • Samsung Laptop Full of Notorious Malware Is On Sale For $1.2M

  • Researchers Identify iOS Espionage App

  • Researchers Identify New iOS Vulnerability

  • Dropbox, WordPress Used To Spread Malware

  • Microsoft Says Viruses Are Back On The Rise

  • First Targeted Attack Utilising Malware for Android Devices Reported

  • Cyber Attack Targets Nato, Government Websites

  • Stuxnet Roots Found Back in 2005

Latest News

COLORFUL Introduces iGame Shadow II Series DDR5 Memory
PC components

COLORFUL Introduces iGame Shadow II Series DDR5 Memory

TerraMaster Launches D1 SSD Plus
PC components

TerraMaster Launches D1 SSD Plus

ASUS Announces Late-August Availability of ProArt Display 6K PA32QCV
Enterprise & IT

ASUS Announces Late-August Availability of ProArt Display 6K PA32QCV

ASRock Announces Exciting New AMD X870E motherboards
PC components

ASRock Announces Exciting New AMD X870E motherboards

ASUSTOR 30 TB Ironwolf Pro Now Officially Supported
Enterprise & IT

ASUSTOR 30 TB Ironwolf Pro Now Officially Supported

Popular Reviews

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Noctua NH-D15 G2

Noctua NH-D15 G2

Soundpeats Pop Clip

Soundpeats Pop Clip

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

Crucial T705 2TB NVME White

Crucial T705 2TB NVME White

be quiet! Pure Base 501

be quiet! Pure Base 501

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed