As first reported on ZDNet's Zero Day blog, Cisco Systems' Talos Group has identified a new strain of malware that renders systems unusable in order to avoid detection and analysis.
Named Rombertik, the spyware collects data on everything a victim does online, indiscriminately, rather than focusing on specific areas such as online banking or social media.
Most concerning, however, are Rombertik's built-in defenses. If the malware detects that it is being analyzed, it attempts to overwrite the Master Boot Record, rendering the PC inoperable. If that fails, it destroys all files in the user's home folder by encrypting each file with random keys.
In short, once a PC is infected, the malware is nearly impossible to remove without rendering the PC useless.
As Rombertik infection rates are still low, the best protection is good security practice:
- Make sure your anti-virus software is up to date, and switch to (or add) a cloud-based AV solution with continuous updates.
- Do not open attachments from unknown senders.
- Block email attachments that include executable scripts or code.
While these steps are helpful, a defense-in-depth approach is best at identifying and preventing malware, particularly for viruses that are designed to evade detection.
If you would like to verify the robustness of your anti-virus protection, we can add a cloud-based layer of protection at no cost for a month and help you analyze your results. Contact us for additional information.