• IT Support Provider letting you down?

    There is a better way...

    Request a Quote
  • Head in the Cloud? Let us clear the path to a brighter IT future for your business.

    Call us on 01268 575300 for more information

    Request a Quote
  • Due for an IT systems upgrade or rethink? We can offer solutions for every budget.

    Call us on 01268 575300 to find out more

    Request a Quote

Rombertik: Malware that destroys your computer when detected

clip_image002It has been announced in the last few days that a new computer virus has been discovered which has been named Rombertik. The malware is designed to capture any plain text entered into a browser. Nicknamed by Cisco Systems, Rombertik’s primary purpose is a big worry but this new type of malware has an additional destructive threat.

Once setup on a Windows computer, Rombertik will check to see if it has been detected. The malware performs several regular internal checks to establish when it is under analysis. If undetected the malware will continuously steal data entered into any website browser.

Alarmingly, Rombertik will try to destroy your computer if it thinks it has been detected or is under analysis. One of its destructive methods used when detected is to attempt to delete the Master Boot Record (MBR) which is an essential Windows system file. The malware will then restart your computer and because the MBR is missing, your computer will continuously restart in an infinite loop. To restore a PC at this stage, with its MBR files removed, you are required to complete a full reinstallation of the Windows system and you will lose all your data stored on the internal hard drive.

The malware also attempts to trick analysis in order to maintain its covert operation. One reported method that Rombertik employs to avoid detection is to commit a byte of data to the computer’s memory 960 million times. Doing this overwhelms any virus detection software as it attempts to detect the malware.

Malware and computer virus prevention

It has been reported that this type of malware is being passed on through spam and phishing messages, some of which are made to look like business enquiries from Microsoft. In the case of Rombertik, the biggest step your business can take in preventing this kind of virus from reaching your system is to have strict email security protocols in place which can block certain types of attachments. You should also make sure staff are aware of the risks involved and highlight the importance of not opening attachments from unknown email accounts. Regularly backing up your computers’ data to an external drive is also advisable as you will be able to restore your work, up to the last back up date, should the worst happen.

As with all internet security you should ensure your businesses antivirus software is installed and is regularly updated. For help with computer viruses, spam and other IT related issues, please visit http://www.computer-support-essex.co.uk/ or call us on 01268 575300.

No comments :

Post a Comment