Wiper Malware Called “Coronavirus” Spreads Among Windows Victims


A new Windows malware has emerged that makes disks unusable by overwriting the master boot record (MBR). It takes its cue from the COVID-19 pandemic, calling itself simply “Coronavirus.”

Overwriting the MBR is the same trick that the infamous NotPetya wiper malware used in 2017 in a campaign that caused widespread, global financial damage.

Worryingly, according to the SonicWall Capture Labs Threat Research team, the fresh malware strain is also a destructive trojan — though not as destructive as other wipers. And like its namesake, there’s no obvious cure. In a posting on Tuesday, researchers explained that victims of the Coronavirus trojan find themselves with a gray screen and a blinking cursor with a simple message, “Your computer has been trashed.”

Read more…
Source: ThreatPost