Skip to main content
  1. Home
  2. Computing
  3. News

Rombertik malware goes nuclear on your drive to avoid detection

Chris Stobing
By

rombertik malware goes nuclear on your drive to avoid detection bccvqg7
Image Credit: Cisco Talos
The newest form of malicious software is both shy and incredibly dramatic. Members of Cisco’s prestigious Talos malware team have revealed in a blog that a new style of malware, dubbed Rombertik, will automatically destroy itself and your hard drive if it realizes someone is trying to detect it.


At face value, Rombertik isn’t much different from most malware distributions, acting as a keylogger for your Web browser that hunts down any information might look remotely like a username/password combination or credit card number. These types of infections are a dime a dozen these days, but what makes Rombertik newsworthy is the way in which it attempts to avoid detection if it’s picked up by an antivirus scan or found in a folder by the user themselves.

Malware with prebuilt instructions on how to avoid detection is nothing new, and any malicious program worth its salt will generally have at least one or two shields set up to keep itself away from the gaze of watchful eyes. This can be anything from hijacking the AV program itself to display false results, to deleting the infected file before a user has a chance to run it past diagnostics.

Related


Rombertik takes these tactics to a whole different level. It will automatically format a person’s hard drive if any part of the infection senses a disturbance to its operations is about to happen. There are a number of other camouflage techniques it will use before the nuclear option, such as loading up sandbox analysis tools with 950 million lines of code at once or attempting to overwrite the master boot record (MBR) to make the computer inoperable, but if all of these fail to prevent someone from getting a look at the innards of Rombertik, it wipes the hard drive it’s been installed on and takes all your data down with it.

Realistically, the only way you might be able to coax Rombertik into self-destruct mode is if you’re a high-level researcher who knows how to get past all its other defenses first, but the fact that the threat is still there is enough to have us checking links in our email twice before making any risky clicks too quick.

Editors' Recommendations

Topics
These 7 AI creation tools show how much AI can really do
Metaphor works like DALL-E and Stable Diffusion but uses AI to fill in prompts with links instead of text or images.
If you use PayPal, your personal data may have been compromised
A person holds a mobile phone with the PayPal app open.
How to fix audio issues in macOS
Apple MacBook Gold 2015 speaker grill
The best password managers for 2023
have i been pwned owner uncovers 13 million plaintext passwords leaked from free webhost is a safe password even possible we
Apple Reality Pro: everything we know about Apple’s VR headset
Apple VR Headset Concept by Antonio De Rosa
What MacBooks needs to learn from competitors about transparency
A MacBook Pro M2 sits on a wooden table with a nice bokeh background.
Best Apple Deals: Save on AirPods, iPads, MacBooks and more
dell xps 15 vs macbook pro 16 apple ry 14 1200x9999
You’ll be surprised how cheap this 27-inch QHD monitor is today
Dell's new 4K monitor can connect to two PCs with an auto KVM feature.
We now know how Apple’s VR headset may handle video, and it’s pretty awesome
A rendering of an Apple mixed-reality headset (Reality Pro) in a gray color seen from the front.
Best HP laptop deals: HP Envy, HP Spectre x360, and more
A woman video chats with her friends on an HP Envy laptop.
The first RTX 4080 laptops are much cheaper than we expected
Someone typing on the Alienware m18 laptop.
Intel targets RTX 3060 takedown with Arc Alchemist price cut
Two intel Arc graphics cards on a pink background.
Perfect for school, this 14-inch laptop is discounted to $150 today
Asus 14-inch Laptop on a white background.