View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Suicidal Rombertik virus booby-traps users and kills PCs

Cisco discovers virus that can delete essential Windows files then kills itself.

By CBR Staff Writer

A piece of malware capable of destroying the computers it infects has been unearthed by the security division of Cisco.

Rombertik, the name given to the virus by the company, is spread through a spam phishing campaign with the intention of stealing user data, including keystrokes, and tracking a victim’s online activities.

Ben Baker and Alex Chiu, security researchers at Cisco’s Talos cybersecurity group, claimed that the virus was capable of deleting the Master Boot Record, an essential system file, if it detected that it was being analysed.

The malware then restarts the computer, causing the machine to go into an endless loop.

"In the process of reverse engineering Rombertik, Talos discovered multiple layers of obfuscation and anti-analysis functionality," the pair of researchers said in a company blog post.

"This functionality was designed to evade both static and dynamic analysis tools, make debugging difficult."

Graham Cluley, a security journalist, told the BBC that such destructive viruses were rare because most hackers would try to design a silent virus that would escape the notice of the victim.

Content from our partners
Why all businesses must democratise data analytics
How start-ups can take the next step towards scaling up
Unlocking the value of artificial intelligence and machine learning

"That’s because malware these days doesn’t want to draw attention to itself, as that works against its typical goal – to lie in wait, stealing information for a long time," he said.


Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy