Grudge malware wipes files and insults victims, security firm warns

"Because f*** you! That's why"

Security firm Malwarebytes has discovered a bizarre piece of ‘grudge’ malware that appears to have been crafted to do nothing more complicated than wantonly destroy data files on the PCs of its victims.

Apparently a variant of a common data-stealer, Trojan MSIL.st, as it has been named by Malwarebytes, is an oddity, combing the hard drive of any machine it infects for common file types, including database files, JPEGs, text files, a variety of archive and compressed formats and even setup.exe and .bak files.

Once it finds them, it erases their contents, replacing them with the string “because f*** you! That's why.” As well as destroying data, this stops some programs from running correctly.
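The overwrite behaviour described above leaves a recognisable footprint: many files of unrelated types that suddenly hold the same few bytes. The following damage-assessment sweep is an added example, not Malwarebytes' tooling; the extension list, size limit and cluster threshold are assumptions, and the marker string in the demo is a constructed placeholder.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

# Assumption: extensions drawn from the file types the article names; the
# Trojan's exact target list is not given on the page.
SUSPECT_EXTS = {".jpg", ".jpeg", ".txt", ".zip", ".rar", ".bak", ".exe", ".mdb"}


def find_overwritten(root, min_cluster=3, max_size=256):
    """Return {sha256: [paths]} for small files with byte-identical content
    spread across more than one suspect extension."""
    clusters = defaultdict(list)
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.splitext(name)[1].lower() not in SUSPECT_EXTS:
                continue
            try:
                # A short taunt string is far smaller than real media or archives.
                if not 0 < os.path.getsize(path) <= max_size:
                    continue
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
            except OSError:
                continue  # unreadable or vanished file: skip, keep sweeping
            clusters[digest].append(path)
    hits = {}
    for digest, paths in clusters.items():
        exts = {os.path.splitext(p)[1].lower() for p in paths}
        # A photo, an archive and a backup never share identical bytes.
        if len(paths) >= min_cluster and len(exts) > 1:
            hits[digest] = sorted(paths)
    return hits


def demo():
    """Sweep a constructed directory tree; returns flagged basenames."""
    with tempfile.TemporaryDirectory() as root:
        marker = b"CONSTRUCTED-PLACEHOLDER"  # stand-in, not the real string
        for name in ("photo.jpg", "backup.bak", "notes.txt", "data.zip"):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(marker)
        with open(os.path.join(root, "ok.jpg"), "wb") as fh:
            fh.write(b"\xff\xd8\xff\xe0" + b"\x00" * 64)  # intact JPEG header
        hits = find_overwritten(root)
        return [[os.path.basename(p) for p in v] for v in hits.values()]
```

The flagged paths give the restore list to check against backups; a hit on a single host is also a reason to sweep file shares that host could write to.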

Fifteen years ago, before the era of commercial malware, Trojan MSIL.s’s behaviour would have been the norm, but malware that sets out to infect and disrupt computers as an end in itself is relatively rare these days. Prank malware surfaces from time to time but is usually swiftly detected and shows very low infection rates.

The few programs that have been bent on destruction (a good example would be the Shamoon attacks on the Saudi oil industry in 2012) wield a degree of sophistication and co-ordination in order to achieve their purpose of infecting large numbers of systems in a short period of time. Attacks of this kind are always multi-faceted.

“It’s not as common to see malware that operates in this fashion, almost seeming to play pranks on the user,” said Malwarebytes’ researcher, Rich Matteo.

“Most of today’s modern malware tries to remain stealthy in order to avoid detection, unlike in this case where it starts trashing your computer, visibly disrupting your files and just causing headaches.”

Most likely, the program was the work of a programmer or programmers “with too much time on their hands,” he reasoned.

Alternatively, these programs still exist at low levels but are either not noticed due to very low infection rates or, with much more important malware to analyse, go unreported by security firms.

The few that do surface suggest the old-fashioned ‘virus’ mentality of loners who build nuisance or malevolent programs because they can is alive and well when the world cares to look.

A good example was the 2010 Zimuse malware whose intended target was the hard drives of a Slovakian motorcycle club; the malware escaped and started trashing hard drives across the world.

Even commercial programs can be odd sometimes, such as the Krotten ransom Trojan that infected its victims' PCs in order to demand a payment of only $4. A more mysterious (and unconfirmed) example was the 2012 AC/DC malware that reportedly played the track Thunderstruck during attacks detected at nuclear facilities in Iran.

Perhaps the purest example was the W32/Hoots-A worm from 2006, which set out to hijack numerous print queues in a single targeted organisation in order to print a large image of an owl.

Comments

Vincent said: The things that people think up and time needed to create something like this is beyond me. I find the term grudge malware kind of amusing, never heard of that one before.
