New Malware Implodes on Detection, Taking Your Data Down

An insidious computer virus that reacts violently when detected—destroying everything onboard—is now on the loose.

Researchers from Cisco Systems Talos Group discovered the malware threat, called Rombertik. Like many other threats, this one is made up of particularly virulent code attached to a seemingly innocuous email.

The bug is designed to collect everything the user has done online as it attempts to uncover login information and personal files to give it access to the computer’s contents.

“Rombertik has been identified to propagate via spam and phishing messages sent to would-be victims,” the Talos report said. “Like previous spam and phishing campaigns Talos has discussed, attackers use social engineering tactics to entice users to download, unzip and open the attachments that ultimately result in the user’s compromise.”

When Talos researchers examined the threat, they found that Rombertik goes to unusual lengths to avoid detection through misdirection and technical subterfuge.

“Before Rombertik begins the process of spying on users, Rombertik will perform one last check to ensure it is not being analyzed in memory,” the report said. “If this check fails, Rombertik will attempt to destroy the Master Boot Record and restart the computer to render it unusable.”

To protect your personal data, keep your anti-virus software up to date and never open any email attachment that looks suspicious, even if it appears to be from a known sender.

Click here for more details about the research on Rombertik done by Ben Baker and Alex Chiu at Talos.