As a general rule, computer viruses pretty much suck. Most of them sneak in, infiltrate your hard drive, and run quietly in the background so they can do their dirty deeds. But a new piece of malware, Rombertik, automatically self-destructs if it’s detected by your computer or your antivirus protocols, dragging your hard drive down with it. Instead of stopping the attack, Rombertik goes into a constant reboot mode and causes your hard drive to start up over and over.
According to TechTimes, “The Rombertik executable contains a massive amount of ‘garbage code,’ which the malware does not utilize. This aids it in inflating the volume of the code, which analysts need to assess and review, succeeding in confusing identification processes.
“The malware also writes a single byte of arbitrary data to the memory a whopping 960 million times. This is effective in misleading sandboxes into thinking the virus to be a regular program. It ends up growing the data log to over 100GB, which is a time-consuming process and further complicates the analysis and detection of the malware.”
Fortunately, there are a few things you can do about it. First, Rombertik is spread predominantly through phishing emails, so do not click on any link sent to you unexpectedly, even from a contact whom you think you know. The sender may have been hacked and his email used to spread malicious links. The same goes for opening unsolicited attachments. Also, keeping your antivirus software up to date can help prevent the malware from taking hold in the first place.
“Rombertik has been identified to propagate via spam and phishing messages sent to would-be victims … At a high level, Rombertik is a complex piece of malware that is designed to hook into the user’s browser to read credentials and other sensitive information for exfiltration to an attacker controlled server, similar to Dyre. However, unlike Dyre which was designed to target banking information, Rombertik collects information from all websites in an indiscriminate manner,” explained Ben Baker and Alex Chiu of Cisco.