Short Bytes: Security firm FireEye has documented a bootkit that loads before Windows itself does, so the operating system never gets a chance to see it. Because it lives in the volume boot record rather than in the Windows file system, formatting the partition or reinstalling Windows does not get rid of it. The malware is being used by a financially motivated group, tracked under the name “Nemesis”, against financial institutions and their high-value payment data.
Windows has long been the favourite playground of malware authors, who keep finding new corners of the platform to hide in. And if you think you have seen every kind of virus Windows has hosted since the Windows XP era, think again. The latest find is a “bootkit”, a class of malware that attacks the fundamentals of the boot process rather than Windows itself. To be clear, this is not something Microsoft shipped or “unveiled”: it was found and analysed by FireEye on compromised machines.
It’s a common notion that viruses, worms and trojans only get going once the PC has booted at least once. Not in this case. This malware hooks into the boot process and runs before the Windows loader, like a hungry wolf that does not wait for the prey to show up but attacks first.
That ordering is the whole problem: code that runs before Windows gets to decide what Windows sees. The bootkit loads first and then hands control to the legitimate boot code, so from inside the operating system nothing looks out of place. That makes it very hard for Windows and conventional antivirus to identify the infection, let alone remove it.
If you are thinking that formatting the drive or a fresh installation of Windows is going to help: no. The bootkit does not live in the Windows file system at all. It rewrites the volume boot record, the first sector of the partition, and keeps its other components in unallocated disk space outside any partition, so wiping and reinstalling the operating system leaves both intact. Some people are comparing this to the NSA-linked firmware implants that also survived disk reformatting, but the comparison is loose: this one is stored in disk sectors rather than in the drive’s firmware, so a full wipe of the physical disk, boot sectors and unallocated space included, does remove it. Reinstalling Windows on top of it does not.
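As an added example (not FireEye’s tooling and not code from the original article), here is a small Python audit of the kind an incident responder would run over a raw disk image before declaring a machine clean: it parses the MBR partition table, lists the unallocated gaps between partitions where a bootkit can park its components, and hashes each partition’s volume boot record against a known-good baseline. The disk image, the clean VBR and the “implant” bytes are all constructed inline and are not real malware; the function names and partition layout are assumptions made for the example.

```python
import hashlib
import struct

SECTOR = 512

# Constructed NTFS-style boot sector: jump, "NTFS    " OEM ID, zeroed BPB/code, 0x55AA.
NTFS_VBR_CLEAN = b"\xEB\x52\x90" + b"NTFS    " + b"\x00" * 499 + b"\x55\xAA"

# Constructed layout: two NTFS partitions (type 0x07) with 1 MiB unallocated between them.
TOTAL_SECTORS = 16384
PARTITIONS = [(0x07, 2048, 4096), (0x07, 8192, 4096)]  # (type, start LBA, sector count)


def build_disk(total_sectors, partitions):
    """Build an in-memory MBR disk image with a clean VBR at the start of each partition."""
    disk = bytearray(total_sectors * SECTOR)
    for i, (ptype, start, count) in enumerate(partitions):
        entry = 446 + 16 * i                      # MBR partition table entry offset
        disk[entry + 4] = ptype
        disk[entry + 8:entry + 16] = struct.pack("<II", start, count)
        disk[start * SECTOR:start * SECTOR + SECTOR] = NTFS_VBR_CLEAN
    disk[510:512] = b"\x55\xAA"                   # MBR boot signature
    return disk


def implant_vbr(disk, start_lba):
    """Simulate a bootkit: overwrite the VBR bootstrap code (offset 0x54 onwards) while
    leaving the BPB and boot signature intact, so structural checks still pass.
    The bytes are hypothetical filler, not real malware."""
    off = start_lba * SECTOR + 0x54
    disk[off:off + 8] = b"\xFA\x31\xC0\x8E\xD8\x8E\xD0\xEB"


def parse_mbr(disk):
    """Return (type, start_lba, sector_count) for each populated primary partition entry."""
    if bytes(disk[510:512]) != b"\x55\xAA":
        raise ValueError("missing 0x55AA boot signature in MBR")
    parts = []
    for i in range(4):
        entry = disk[446 + 16 * i:446 + 16 * (i + 1)]
        ptype = entry[4]
        start, count = struct.unpack("<II", entry[8:16])
        if ptype != 0 and count:
            parts.append((ptype, start, count))
    return parts


def unallocated_gaps(parts, total_sectors):
    """Sector ranges covered by no partition: where out-of-filesystem components can hide."""
    gaps, cursor = [], 1                          # sector 0 is the MBR itself
    for _, start, count in sorted(parts, key=lambda p: p[1]):
        if start > cursor:
            gaps.append((cursor, start - 1))
        cursor = max(cursor, start + count)
    if cursor < total_sectors:
        gaps.append((cursor, total_sectors - 1))
    return gaps


def inspect_vbr(disk, start_lba):
    """Read one volume boot record and report its OEM ID, signature validity and hash."""
    vbr = bytes(disk[start_lba * SECTOR:(start_lba + 1) * SECTOR])
    return {
        "oem_id": vbr[3:11],
        "signature_ok": vbr[510:512] == b"\x55\xAA",
        "sha256": hashlib.sha256(vbr).hexdigest(),
    }


def baseline_hashes(disk):
    """Record the VBR hash of every partition on a known-clean image."""
    return {start: inspect_vbr(disk, start)["sha256"] for _, start, _ in parse_mbr(disk)}


def audit(disk, total_sectors, baseline):
    """Structural checks plus a baseline comparison; returns (partitions, gaps, findings)."""
    parts = parse_mbr(disk)
    findings = []
    for ptype, start, _ in parts:
        info = inspect_vbr(disk, start)
        if ptype == 0x07 and info["oem_id"] != b"NTFS    ":
            findings.append((start, "unexpected OEM ID"))
        if not info["signature_ok"]:
            findings.append((start, "bad boot signature"))
        if start in baseline and baseline[start] != info["sha256"]:
            findings.append((start, "VBR differs from baseline"))
    return parts, unallocated_gaps(parts, total_sectors), findings


if __name__ == "__main__":
    clean = build_disk(TOTAL_SECTORS, PARTITIONS)
    baseline = baseline_hashes(clean)
    infected = bytearray(clean)
    implant_vbr(infected, 2048)
    for label, image in (("clean", clean), ("infected", infected)):
        parts, gaps, findings = audit(image, TOTAL_SECTORS, baseline)
        print(label, "gaps:", gaps, "findings:", findings)
```

The point of the baseline comparison is the last check: the simulated implant leaves the OEM ID and 0x55AA signature untouched, so the structural checks pass and only the hash mismatch flags it. In practice the baseline comes from a known-good image of the same build, and the unallocated gaps the script lists are the sectors to carve and inspect next.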
The threat group behind all this is believed to be part of a malware ecosystem that FireEye calls “Nemesis”. These financially motivated attackers are after credit and debit card details and ATM operations. Attacks on this sector have been seen before, but a bootkit that outlives a reinstall raises the stakes considerably: responders now have to inspect boot sectors and unallocated disk space, not just the Windows file system, before declaring a machine clean. We hope the affected financial institutions get there before it’s too late.
Read the complete research from security firm FireEye.