
Super secretive malware wipes hard drive to prevent analysis

Written by Arstechnica · 2 years ago

Researchers have uncovered new malware that takes extraordinary measures to evade detection and analysis, including deleting all hard drive data and rendering a computer inoperable.

Rombertik, as the malware has been dubbed by researchers from Cisco Systems’ Talos Group, is a complex piece of software that indiscriminately collects everything a user does on the Web, presumably to obtain login credentials and other sensitive data. It gets installed when people click on attachments included in malicious e-mails.

Talos researchers reverse engineered the software and found that behind the scenes Rombertik takes a variety of steps to evade analysis. It contains multiple levels of obfuscation and anti-analysis functions that make it hard for outsiders to peer into its inner workings. And in cases where the main yfoye.exe component detects that the malware is under the microscope of a security researcher or rival malware writer, Rombertik will self-destruct, taking the contents of the victim’s hard drive along with it.
