BREACH RADAR

Beware Of This PC Wiping Malware

Picture of Hodgson Consulting & Solutions

Hodgson Consulting & Solutions

Breach Alert

“With the coronavirus (COVID-19) pandemic raging all over the globe, some malware authors have developed malware that destroys infected systems, either by wiping files or rewriting a computer’s master boot record (MBR).” (zdnet.com, 2020) Upon investigation, multiple strains of malware were discovered. “The common theme among all four samples is that they use a coronavirus-theme and they’re geared towards destruction, rather than financial gain.” (zdnet.com, 2020) Researchers found four types of malware within the last month; with two being more advanced than the others.

“Some advanced technical knowledge was needed to create these strains as tinkering with a master boot record is no easy feat and could easily result in systems that didn’t boot at all. In the first phase, it just shows an annoying window that users can’t close because the malware has also disabled the Windows Task Manager. While users attempt to deal with this window, the malware is silently rewriting the computer’s master boot record behind their back. It then restarts the PC, and the new MBR kicks in, blocking users into a pre-boot screen. Users can eventually regain access to their computers, but they’ll need special apps that can be used to recover and rebuild the MBR to a working state. But there was a second coronavirus-themed malware strain that re-wrote the MBR. This one is a far more convoluted malware operation. It posed as the “CoronaVirus ransomware” but it was only a facade. The malware’s primary function was to steal passwords from an infected host and then mimic ransomware to trick the user and mask its real purpose.” (zdnet.com, 2020)

It may seem odd and/or alarming that while some ransomware, malware, and data wipers are created to do the types of damages described in their names, others are created just as jokes. The scary thing about those “jokes”, however, is that they still take real efforts, time, and money to repair – even if the hacker doesn’t hold your information for ransom. These are truly poor jokes at your expense.

How it Could Affect You

If you or your company has recently transitioned to a remote workforce setup, you may be a hacker’s dream target at this time. And whether they launch their attacks as a threat or a joke, the truth of the matter is that you have too much going on at this time to be concerned with their antics. The best plan is a preventative plan. Make sure you are placing safety measures in place now to protect your company and your employees. As of now, no one knows how long it will take before businesses identify their new normal, but we do know that our old norms aren’t coming back as soon as you may hope. Therefore, the responsible thing to do at this time is place permanent solutions in place for whatever your adapted work environment may look like at this time. We know that things will eventually get better, but that confidence does not mean that you or your company should wait around like sitting ducks in the meantime. Don’t allow hackers and cyber criminals to get a good laugh out of causing you headaches.

Hodgson Can Help

Be sure that your employees and staff are set up to succeed in case they are faced with a cyber-threat. Make sure that they at least know the basics in spotting these sorts of schemes. It is important to institute employee training, and now is the perfect time to start. Here at Hodgson Consulting & Solutions, we specialize in securing data and information loss prevention for companies with multiple locations and/or a remote workforce. We offer full solutions for your IT needs, not just Band-Aid fixes. Contact us to receive a FREE Cyber Security Risk Assessment and also learn more about our Managed Security Service Plans. Contact our office today at 847-906-5005.

Share Post: