Malware That Fakes Hard Drive Failure
Post on 25-Jul-2015
Embed Size (px)
1. Malware That Fakes Hard Drive Failure From precious photos to important work documents, a computers hard drive typically contains heaps of priceless data. Thats why losing everything in the hard drive is a great fear for manyespecially those who havent taken http://www.zonealarm.com/security/en-us/zonealarm-free-antivirus-firewall.htm precautions to back their files up, either in the cloud or on an external hard drive. A new piece of malware called Trojan.Fakefrag capitalizes on this fear with a pretty elaborate ruse. Trojan.Fakefrag differs from other malware in that it actually moves files from the desktop and Start menu to hidden locations in the computer, making it appear as though the hard drive is being attacked and important files are being deleted. How Trojan.Fakefrag Works Trojan.Fakefrag can evidently make it onto a computer through a variety of methods, but a common method of infection is through drive-by-download. Once the Trojan executes, an error message appears, citing a Problem with the hard disks and asking that you restart your computer. Helping to further incite a sense of urgency, the malware causes icons to disappear from your desktop and Start menu. However, further investigation into the matter reveals that the files havent been deleted; theyve just been relocated to hidden or inconspicuous locations on the computer. Soon, other alerts pop up, including one that encourages the victim to run a (fake) diagnostics scan. The fake diagnostics scan is actually a variant of the UltraDefraggerFraud family. When it has finished scanning, it finds that the computer has been infectedsurprise, surpriseand offers a malware removal tool for $79.50. If these messages are ignored, other increasingly urgent warnings appear, and eventually, the malware renders the computer unusable. What to Do if Your Computers Infected with Trojan.Fakefrag Firstly, make sure you dont pay the $79.50 for the fraudulent removal tool. Thats just what the cybercriminals behind the malware attack want you to do, and it really doesnt fix anything anyway. On the contrary, Trojan.Fakefrag not only results in you losing 80 bucks; it leaves your personal information in the hands of criminals. Trusted Antivirus programs should be able to clean the infection, and your missing files can be recovered with some digging (use Windows search tool or Windows Explorer and browse to %temp%smtemp). And if you havent done so already, make sure to back your files up! A hard drives a terrible thing to lose.