Unfortunately, we have another new virus to tell you about. Today, PC security experts around the world are trying to figure out a new type of malware called Shamoon. The malware was discovered by PC security firms on Thursday, August 16, and since then, we’ve been learning more and more about how the virus works.
Basically, Shamoon steals user information from some of the deepest folders on the computer. It extracts data from the Documents and Settings folder (which holds all of your personal information) as well as the System32/Drivers folder and System32/Config folders, among other places.
Making the Shamoon malware even more fearsome is the fact that it can overwrite the master boot record of computer, which basically means that it can run whenever it pleases. Unfortunately, overwriting the master boot record can also make a PC completely useless. Shamoon could change the master boot record to make sure that PC never turns on again, making the malware incredibly dangerous. As of yet, there are no confirmed reports of Shamoon turning a PC into a ‘brick’ (a useless piece of electronics), but it does have the ability to cause that kind of damage.
The Shamoon malware is also known as Disttrack. It’s difficult to spot and it infects PCs down to their most fundamental folders. The attack is launched in two stages. In the first stage, Shamoon infects a computer and then uses its internet connection to turn it into a proxy. Next, Shamoon begins to steal data from the user’s computer before communicating with other computers on that network.
This makes Shamoon particularly lethal for those on a corporate network. If Shamoon gains access to a corporate network through just one weak link in the computer security chain (like an unwary employee checking their email), it risks derailing the entire company’s security system. Once a virus gets inside access to a corporate network, even the most effective corporate antivirus software could have trouble stopping it.
The entire malware application is contained in a single 900kb folder. Shamoon is currently infecting computers that run every version of Windows (as far back as Windows 95).
If you think you’ve been infected with Shamoon, make sure you run a scan with your antivirus software. If you don’t have antivirus software – and don’t want to pay $50 or $60 for a new program – then try downloading PC Cleaner Pro. It’s free to try and will show you if malware is slowing down your computer’s performance. It can also clean out registry problems and improve PC speeds in a number of different ways.