His pandemic COVID-19 has caused many problems around the world. The most important of them is health and economy. However, we must not forget the malicious ones hackers, finding an opportunity to do so attacks, now that there is this general concern. There are, for example, some software that have been named COVID-19 malwareAnd destroy them systems, either deleting files either making its master boot record (MBR) inaccessible computer.
At least five different COVID-19 malware have been detected. Some have already been used and infected users, while others appear to have been created solely for testing or for fun.
The common element of all these malware is that they are related to COVID-19 and aim more at system destruction and less at profit.
Some of the most dangerous COVID-19 malware detected last month are two that make the computer's master boot record (MBR) inaccessible.
Advanced technical knowledge was definitely needed to create these COVID-19 malware.
In the first stage, just an annoying window appears, which the users cannot be shut down because COVID-19 malware already exists disable Windows Task Manager.
While users are dealing with this annoying window, the malicious program silently affects the MBR. It then restarts the computer and starts the new MBR, blocking them users on a pre-boot screen.
Users will eventually be able to regain access to their computers, but will need special applications to recover MBR.
Another similar malware, which is even more sophisticated, is said to be “CoronaVirus ransomware". The main function of this COVID-19 malware is to steal passwords from an infected computer and then to imitate the ransomware to deceive the user and fulfill his real purpose.
In fact, it is not ransomware. It just appears as ransomware. Once the theft procedures are completed data, malware enters a phase where it affects the MBR and blocks users in a ransomware message, preventing access to computers their. Users see a ransom note and then find that they cannot access their computers. So the last thing they think about is to check if someone stole the passwords from their applications.
According to the security researcher Vitali Kremez, malware also contained code that allowed files to be deleted. However, it was not active in the samples analyzed.
However, the researchers security have identified others COVID-19 malware, specializing in data deletion.
The first was identified in February. The malicious file name is written in Chinese and is probably intended for Chinese users. It is not known whether attacks have been carried out or simple tests are being carried out.
The second was discovered yesterday. He went to VirusTotal from someone in Italy.
Researchers believe the two malware are not very effective, as they have errors and use time-consuming procedures to delete files in infected systems. However, if used in attacks, they can "do their job".