Tuesday, May 05, 2015
Cisco Identifies Virus That Kills Off PCs


Researchers have discovered "Rombertik," a computer virus that tries to avoid detection by making the computer it infects unusable.

Once it's triggered, the virus deletes key files on a computer, making it constantly restart. On Windows machines where it goes unnoticed, the malware steals login data and other confidential information.

According to Talos, Rombertik is a complex piece of malware that is designed to hook into the user's browser to read credentials and other sensitive information for exfiltration to an attacker-controlled server.

Rombertik has been identified to propagate via spam and phishing messages sent to would-be victims. Like other spam and phishing campaigns, attackers use social engineering tactics to entice users to download, unzip, and open the attachments that ultimately result in the user’s compromise.

The process by which Rombertik compromises the target system is fairly complex, with anti-analysis checks in place to prevent static and dynamic analysis. Upon execution, Rombertik will stall and then run through a first set of anti-analysis checks to see if it is running within a sandbox. Once these checks are complete, Rombertik will proceed to decrypt and install itself on the victim's computer to maintain persistence. After installation, it will then launch a second copy of itself and overwrite the second copy with the malware's core functionality. Before Rombertik begins the process of spying on users, it will perform one last check to ensure it is not being analyzed in memory. If this check fails, Rombertik will attempt to destroy the Master Boot Record and restart the computer to render it unusable.

The malware "indiscriminately" steals data entered by victims on any website, the researchers said.

Good security practices, such as making sure anti-virus software is installed and kept up-to-date, not clicking on attachments from unknown senders, and ensuring robust security policies are in place for email (such as blocking certain attachment types) can go a long way when it comes to protecting users.
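As an illustration of the attachment-type policy mentioned above, the following added example (not code from the article or from Talos) scans a raw e-mail message for blocked attachment types, including files packed inside zip archives, since the campaign relies on users unzipping and opening attachments. The extension blocklist, function names, and sample message are assumptions constructed for this sketch.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed blocklist for illustration; tune it to your own mail policy.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}


def is_blocked(name):
    """True if a file name ends in a blocked extension (case-insensitive)."""
    name = name.lower().rstrip(". ")  # Windows ignores trailing dots and spaces
    return any(name.endswith(ext) for ext in BLOCKED_EXTENSIONS)


def scan_message(raw_bytes):
    """Return (attachment, reason) findings for one raw RFC 5322 message."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        filename = part.get_filename() or "(unnamed)"
        if is_blocked(filename):
            findings.append((filename, "blocked extension"))
            continue
        payload = part.get_payload(decode=True) or b""
        if not zipfile.is_zipfile(io.BytesIO(payload)):
            continue
        with zipfile.ZipFile(io.BytesIO(payload)) as archive:
            for info in archive.infolist():
                if is_blocked(info.filename):
                    findings.append((filename, "blocked member " + info.filename))
                elif info.flag_bits & 0x1:  # encrypted: content cannot be inspected
                    findings.append((filename, "encrypted member " + info.filename))
    return findings


def build_sample():
    """Constructed sample: a message carrying a zip that holds a .scr file."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as archive:
        archive.writestr("Invoice.pdf.scr", b"constructed placeholder bytes")
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Constructed test message"
    msg.set_content("See attached.")
    msg.add_attachment(inner.getvalue(), maintype="application",
                       subtype="zip", filename="documents.zip")
    return msg.as_bytes()
```

A gateway would quarantine any message for which `scan_message` returns a non-empty list; nested archives are not unpacked in this sketch.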



Site best viewed at 1024x768+ - CDRINFO.COM 1998-2018 - All rights reserved -