[Utilizer]

No word on how to protect from it or prevent it so far.

[Utilizer]

Ping.

[nickcarraway]

It’s called Windows?

[tacticalogic]

Can it overwrite the MBR on a Safe Boot / UFEI machine?

[Utilizer]

More info:

Cisco researchers have identified a new malware sample, called Rombertik, that takes its detection evasion features one step further than the average cyber threat.

Instead of simply self-destructing when analysis tools are detected, Rombertik attempts to destroy the device’s master boot record (MBR), researchers wrote in a blog post.

This malware spreads through spam and phishing messages sent to possible victims.

In one example, attackers attempted to convince a user to download an attached document in an email. If downloaded and unzipped, a file that looks like a document thumbnail comes up. Although it mimics a PDF icon, it is actually a .SCR screensaver executable file containing the malware.

At this point Rombertik will first run anti-analysis checks to determine whether it is running within a sandbox. If it isn’t, it will then decrypt and install itself, which then allows it to launch a second copy of itself and to overwrite the second copy with the malware’s core functionality.

...

http://www.itnews.com.au/News/403620,new-malware-strain-destroys-master-boot-record-to-avoid-detection.aspx

[Billthedrill]

Restoring a PC with its MBR deleted involves reinstalling Windows, which could mean important data is lost.

No, it doesn't.

[jetson]

bing

[TonyM]

No doubt created by liberal democrats so Hillary can say that is what happened to all of her e-mails. Yeah, that’s the ticket, virus destroyed my e-mails, and Morgan Fairchild’s too.

[Bratch]

Security expert Graham Cluley said destructive viruses such as Rombertik were quite rare.

So far.

[Still Thinking]

Self-destructing virus kills off PCs

Stop talking about Windows like that!

[Excuse_My_Bellicosity]

Destroying your computers runs completely counter to the purpose of watching your habits and stealing your personal data. This "article" is written like a junk e-mail ("destroys your computer!").

"involves reinstalling Windows, which could mean important data is lost"
This does not make logical sense, I've reinstalled Windows many times with no loss of data.

[SWAMPSNIPER]

This will continue until we bring back public hanging.

[bicyclerepair]

Wont affect my awesome linux pc ha

[Squawk 8888]

Restoring a PC with its MBR deleted involves reinstalling Windows, which could mean important data is lost.

Wrong. Restoring a corrupted MBR is child's play; I've done it several times for clients.

[GeronL]

Whoever makes these things need to be drawn and quartered

[Steve_Seattle]

I recommend capital punishment for the animals who create these things. A firing squad would be too kind.

[RichardW]

A week ago my second desktop started acting weird, constantly restarting. I fixed the problem by hitting the F2 key and got into Windows. I then ran two anti-virus programs and it hasn’t recurred. Don’t know if this is related but I had never had that happen before. That was my wife’s computer and she is sure that she didn’t download anything but I’m guessing something was downloaded.

[rarestia]

Restoring a PC with its MBR deleted involves reinstalling Windows, which could mean important data is lost.

BS!

Boot into the recovery console:

bootrec /fixmbr bootrec /fixboot

And you're back. Granted, your system is still infected, but you're not in a boot loop.

I have to imagine they've figured out how to isolate and study this. Virtual machines are a wonderful thing.

[Bloody Sam Roberts]

Sounds like Rombertik has been through some serious SERE training.       =;^)