- Joined
- Sep 17, 2009
- Messages
- 2,375
- Reaction score
- 1,481
Super secretive malware wipes hard drive to prevent analysis
Rombertik will go to great lengths to keep its private parts private
Researchers have uncovered new malware that takes extraordinary measures to evade detection and analysis, including deleting all hard drive data and rendering a computer inoperable.
Rombertik, as the malware has been dubbed by researchers from Cisco Systems' Talos Group, is a complex piece of software that indiscriminately collects everything a user does on the Web, presumably to obtain login credentials and other sensitive data. It gets installed when people click on attachments included in malicious e-mails. Talos researchers reverse engineered the software and found that behind the scenes Rombertik takes a variety of steps to evade analysis. It contains multiple levels of obfuscation and anti-analysis functions that make it hard for outsiders to peer into its inner workings. And in cases that main yfoye.exe component detects the malware is under the microscope of a security researcher or rival malware writer, Rombertik will self-destruct, taking along with it the contents of a victim's hard drive.
Super secretive malware wipes hard drive to prevent analysis | Ars Technica
Rombertik will go to great lengths to keep its private parts private
Researchers have uncovered new malware that takes extraordinary measures to evade detection and analysis, including deleting all hard drive data and rendering a computer inoperable.
Rombertik, as the malware has been dubbed by researchers from Cisco Systems' Talos Group, is a complex piece of software that indiscriminately collects everything a user does on the Web, presumably to obtain login credentials and other sensitive data. It gets installed when people click on attachments included in malicious e-mails. Talos researchers reverse engineered the software and found that behind the scenes Rombertik takes a variety of steps to evade analysis. It contains multiple levels of obfuscation and anti-analysis functions that make it hard for outsiders to peer into its inner workings. And in cases that main yfoye.exe component detects the malware is under the microscope of a security researcher or rival malware writer, Rombertik will self-destruct, taking along with it the contents of a victim's hard drive.
Super secretive malware wipes hard drive to prevent analysis | Ars Technica
