COVID-19 Malware: Malicious virus attacking your PC’s boot files and overwriting MBR!

The worldwide novel coronavirus (COVID-19) pandemic has everyone under lockdown, and Internet usage has increased over the period. Malware infections are on the rise as well. Some malicious developers have created malware codenamed ‘COVID-19 malware’ that destroys infected systems, either by wiping files or by rewriting the computer’s master boot record (MBR).

Cybersecurity researchers have identified 5 strains of malware. Some are circulating in the wild, while others were made solely for testing or as jokes. All of them use a coronavirus theme, and all are built for destruction rather than economic gain.

COVID-19 malware has malicious MBR rewriting software

Of the 4 malware samples found by security researchers at Acronis last month, the most recent are the two samples that rewrote MBR sectors. The MBR is the disk’s master boot record: its first sector, holding the boot code and partition table the PC reads at startup.

Some advanced technical knowledge was needed to create these varieties, since modifying a master boot record is not easy and can easily result in systems that are not fully bootable.
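Because an MBR rewriter changes a fixed, well-known 512-byte sector, a defender can detect the change by comparing that sector with a known-good copy. The following is an added example, not code from SonicWall, Acronis or the original article; it assumes a baseline copy of sector 0 was saved while the machine was healthy, and the two sectors it compares are constructed sample data.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_SIGNATURE = b"\x55\xaa"  # last two bytes of a valid MBR
ENTRY = struct.Struct("<B3xB3xII")  # status, CHS, type, CHS, LBA start, sector count


def parse_mbr(sector: bytes) -> dict:
    """Split one MBR sector into boot-code hash, partition entries and signature flag."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for i in range(4):  # four 16-byte entries starting at offset 446
        status, ptype, lba, count = ENTRY.unpack_from(sector, 446 + 16 * i)
        if ptype != 0:  # type 0 marks an unused slot
            partitions.append((i, status == 0x80, ptype, lba, count))
    return {
        # bytes 0-439 are boot code; 440-445 hold the disk signature (not hashed)
        "boot_code_sha256": hashlib.sha256(sector[:440]).hexdigest(),
        "partitions": partitions,
        "signature_ok": sector[510:512] == BOOT_SIGNATURE,
    }


def compare_to_baseline(baseline: bytes, current: bytes) -> list:
    """Return human-readable findings; an empty list means the MBR is unchanged."""
    old, new = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if not new["signature_ok"]:
        findings.append("boot signature 0x55AA missing")
    if old["boot_code_sha256"] != new["boot_code_sha256"]:
        findings.append("boot code changed")
    if old["partitions"] != new["partitions"]:
        findings.append("partition table changed")
    return findings


def build_sample(boot_code: bytes, entries: bytes) -> bytes:
    """Constructed 512-byte sector for this demo, not a real disk image."""
    return boot_code.ljust(446, b"\x00") + entries.ljust(64, b"\x00") + BOOT_SIGNATURE


# Constructed inputs: a known-good sector and one whose code and table were replaced.
BASELINE = build_sample(b"\x90" * 64, ENTRY.pack(0x80, 0x07, 2048, 1_000_000))
OVERWRITTEN = build_sample(b"\xcc" * 64, b"")

if __name__ == "__main__":
    print(compare_to_baseline(BASELINE, BASELINE))
    print(compare_to_baseline(BASELINE, OVERWRITTEN))
```

On a real Windows host the current sector would be read from the first 512 bytes of `\\.\PhysicalDrive0`, which requires administrator rights.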

The first of the MBR rewriters was discovered by a security researcher named MalwareHunterTeam, and detailed in a SonicWall report this week. Named COVID-19.exe or COVID-19 malware, this malware infects a computer and has two stages of infection.


In the first phase, you only see an annoying window that you cannot close, because the malware has also disabled Windows Task Manager. In later stages, all your registries are rewritten, and the malware completely destroys your PC’s file structure.



It might seem strange for some developers to create destructive malware, but this is not the first time. For every type of malware that security researchers discover, there is also one created as a joke, just for the sake of risk. During the WannaCry ransomware outbreak in 2017, days after the original WannaCry ransomware encrypted computers around the world, there were countless clones doing the same for no apparent reason.

