Tuesday, August 11, 00:38
Home security New COVID-19 malware deletes files and affects your PC's MBR

New COVID-19 malware deletes files and affects your PC's MBR

COVID-19 malware

His pandemic COVID-19 has caused many problems around the world. The most important of them is health and economy. However, we must not forget the malicious ones hackers, finding an opportunity to do so attacks, now that there is this general concern. There are, for example, some software that have been named COVID-19 malwareAnd destroy them systems, either deleting files either making its master boot record (MBR) inaccessible computer.

At least five different COVID-19 malware have been detected. Some have already been used and infected users, while others appear to have been created solely for testing or for fun.

The common element of all these malware is that they are related to COVID-19 and aim more at system destruction and less at profit.

MBR-rewriting malware

Some of the most dangerous COVID-19 malware detected last month are two that make the computer's master boot record (MBR) inaccessible.

Advanced technical knowledge was definitely needed to create these COVID-19 malware.

The first MBR rewriter was discovered by a researcher security and is detailed in one reference by Sonicall. The malware has the name COVID-19.exe and infects a computer two stages.

In the first stage, just an annoying window appears, which the users cannot be shut down because COVID-19 malware already exists disable Windows Task Manager.

COVID-19 malware

While users are dealing with this annoying window, the malicious program silently affects the MBR. It then restarts the computer and starts the new MBR, blocking them users on a pre-boot screen.

Users will eventually be able to regain access to their computers, but will need special applications to recover MBR.


Another similar malware, which is even more sophisticated, is said to be “CoronaVirus ransomware". The main function of this COVID-19 malware is to steal passwords from an infected computer and then to imitate the ransomware to deceive the user and fulfill his real purpose.

In fact, it is not ransomware. It just appears as ransomware. Once the theft procedures are completed data, malware enters a phase where it affects the MBR and blocks users in a ransomware message, preventing access to computers their. Users see a ransom note and then find that they cannot access their computers. So the last thing they think about is to check if someone stole the passwords from their applications.


According to the security researcher Vitali Kremez, malware also contained code that allowed files to be deleted. However, it was not active in the samples analyzed.

Clear data

However, the researchers security have identified others COVID-19 malware, specializing in data deletion.

The first was identified in February. The malicious file name is written in Chinese and is probably intended for Chinese users. It is not known whether attacks have been carried out or simple tests are being carried out.

The second was discovered yesterday. He went to VirusTotal from someone in Italy.

Researchers believe the two malware are not very effective, as they have errors and use time-consuming procedures to delete files in infected systems. However, if used in attacks, they can "do their job".


Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortresshttps://www.secnews.gr
Pursue Your Dreams & Live!


The best security cameras to protect your home!

If you are afraid of intruders in your home, these security cameras can stream live video directly to your phone.

Do hackers carry out their attacks in real time?

More generally, there is a perception that hackers are suddenly infiltrating systems and devices and carrying out attacks. However, the reality is different. The...

Facebook: How to hide old posts

Facebook has introduced a new tool called "Activity Management" that will allow you to delete old posts, helping you to improve ...

How to download and install the Play Store on laptops and PCs?

Nowadays, many people rely on their smartphones, as they can be used easily and quickly for ...

Portable air conditioner: It is worn on the back and as a jewel 😛

Portable air conditioner - Worn on the back and like jewelry: 40 degrees and we have melted. Those of you who are lucky on the beach, please stop ...

How to download Google Camera Port 7.4 / GCam 7.4 on Xiaomi devices?

Pixel devices have Google Camera (GCam) as their default camera application. And since the Pixel series is known for ...

How to type in multiple languages ​​simultaneously on Android

People in today's world are very much addicted to smartphones. They provide access to many applications that can be used mainly ...

LucidPix: Make your photos 3D with this app!

Give a 3D format to your photos, with the LucidPix application, which is available in various versions for both Android and iPhone ...

Private or anonymous browsing: Does it guarantee your privacy on the Internet?

The term "private" is relevant, especially when it comes to private or anonymous browsing on the Internet, a setting in your web browser ...

Businesses: 8 types of cyber attacks to watch out for

Nowadays, all businesses, small and large must be on alert, as they can ...