... net.sf.xss-html-filter xss-html-filter 1.1 xss-html-filter releases xss-html-filter Releases Repository http://xss-html-filter.sf.net/releases/ Computer Hacks and tricks: Malware erases files, leaves 'f*** you' message

Tuesday, March 25, 2014

Malware erases files, leaves 'f*** you' message

Malware erases files, leaves 'f*** you' message
Troll Malware that is something new!!!
Detected under name:Trojan.MSIL.ST (by MalwareBytes Pro)
A researcher at Malwarebytes had discovered a piece of malware that erases files on a person's PC and leaves behind a charming message: "Because f*** you! That's why." 

Rich Matteo first became aware of the malware through a post on Malwarebytes' public forums by a Polish user. Matteo found that once a host PC is infected, the malware looks for certain types of files -- including Microsoft Access databases (.mdb, .accdb), SQL server databases (.mdf), text files (.txt), Excel spreadsheets (.xls), Word documents (.doc), Powerpoints (.ppt), Zip archives (.zip), JPG images (.jpg), Backup files (.bak), Rar archives (.rar), 7z archives (.7z), Cabinet files (.cab), and files ending with "setup.exe". Once it finds these files, it deletes them and replaces their contents with the aforementioned message. It's no surprise that this causes many programs to stop working, one of which was Matteo's Malcode Analyst Pack. 

Pretty smart huh.The malware is a .NET Assembly that's been obfuscated with SmartAssembly v6. Now the question in is this a CyberCriminal , a Hacktivist , or a prankster.

It is possible that the malware is distributed through infected websites, malicious email attachments , phishing or one of the hackers favorite ways Facebook. Anyone who finds their computer infected would be made aware of it very quickly, since the file formats targeted are so commonly used.


No comments:

Post a Comment