Advice
The Dangers of the New “Rombertik” Malware | Storm Internet
A new malware called Rombertik has been identified by Talos, the company who creates threat intelligence for Cisco, which will wipe the user’s PC if they attempt to remove it. It is being spread by clicking on infected attachments in spam and phishing emails, some of the messages discovered to contain the bug so far appear as business enquiries from Microsoft. It works by locking every document on your PC if you attempt to detect it, and they’re impossible to get back, requiring users to completely reinstall Windows, losing any files stored on their PC in the process.
Once installed on the PC it injects code into your browser in an attempt to read your credentials and steal sensitive information such as login details from your internet browser, which could be used for identity theft.
Rombertik only affects Windows machines and is unique in that it actively attempts to destroy the computer if it detects certain attributes associated with malware analysis, such as security software. It regularly carries out internal checks to ensure it’s not at risk of detection, if it believes it is being analysed it will simply destroy the Master Boot Record (MBR), causing it to send a command to encrypt and lock all documents on the computer, entering an indefinite loop of restarts and displaying the message “Carbon crack, attempt failed”.
Even if security measures such as sandboxes are in place the malware will try to confuse them by writing a byte of random data into the memory 960 million times.
Tips to avoid this happening to you
- As it arrives in the form of infected email attachments, simply do not open the files, especially if they are in zip format and from an unknown sender.
- Ensure you back your system up regularly so that if you do have to perform a reinstall you won’t lose everything.
- Ensure your anti-virus software is up to date.
- Follow your company’s security policy for emails.
For more information on how we can help you with any security issues you may have please visit our website or speak with one of our security advisers on 0800 817 4727
More related news
Managed Hosting
Enhancing Efficiency and Innovation: The Strategic Advantage of Outsourcing DevOps
In the United States, your average DevOps engineer will make anything from...
Managed Hosting
Maximising Digital Performance: Strategies for Speed Optimisation on Websites and Platforms
We live in an age where instant gratification is the norm. Our...
Uncategorised
How to help your clients through security concerns and challenges
Another year and more cybersecurity statistics. The risks are real and exacerbated...
Speak with a Storm Expert
Please leave us your details and we'll be in touch shortly
For security of your account, please submit all support request by logging into your account portal. Technical support or account information/update requests submitted via this form will not be actioned. If your issue is urgent, please click the LiveChat link above to contact a support technician.
This form is to be used only by individuals who are not already customers of Storm Internet. If you are a customer and wish to raise a complaint, please log into your account by clicking here and raise a ticket specifing "Complaint" as the Issue Category.We take every complaint very seriously and a member of our customer service team will personally review your feedback. Please expect a response within 5 working days. All legal correspondence must be sent to our head office address as listed on this page. We will not accept legal notices sent to us electronically.
Unfortunately your enquiry could not be submitted.
To talk with one of our sales team, please call 0800 817 4727 or click here to start a Live Chat
Unfortunately your enquiry could not be submitted.
To talk with one of our sales team, please call 0800 817 4727 or click here to start a Live Chat
A Trusted Partner
