Lumension® Endpoint Intelligence Center

New infostealer tries to foil analysis attempts by wiping hard drive

2015/05/05

Help Net Security - (International) Security researchers from Cisco discovered a new information-stealing trojan dubbed Rombertik, which is delivered via spoofed emails purporting to be from the "Windows Corporation" and hooks into users' browsers to read credentials and other sensitive information for exfiltration to an attacker-controlled server. If the trojan detects an analysis attempt, it tries to destroy the affected computer's hard disk by overwriting the system's master boot record (MBR).

Source: http://www.net-security.org/malware_news.php?id=3032

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:15