A new piece of malware called MoonBounce is so dangerous that it can survive a drive reformat, It is especially concerning because the best diagnosis for most infected machines is a factory reset, Researchers from Kaspersky, a global leader in anti-virus software, discovered MoonBounce
Viruses are everywhere today. Unfortunately, we are not referring to a mutation in Covid-19. Before the pandemic hit, digital viruses were considered to be the biggest threat? They’re still a big threat. In fact, a recent malware called “MoonBounce” is so dangerous that it can survive a drive reformat.
Because most infected machines can be diagnosed using a factory reset, this is especially troubling. Now that malware like MoonBounce can bypass the last resort, it might be time to rethink how malware of the future will operate.
What is MoonBounce?
Scientists from Kaspersky, a global leader in anti-virus software, discovered MoonBounce. Would you like to know how MoonBounce is able to escape a hard reset? Turns out that the malware does not even exist on the hard drive but instead resides in the SPI flaws memory in the motherboard.
There are, of course, solutions. It may be permanently removed by re-flashing the SPI memory, but this is an exceptionally complicated procedure that a regular user is not likely to be capable of doing. Alternatively, you can replace the motherboard completely, which can be more expensive. Motherboards can cost anywhere from *4,000 to ₹50,000.
MoonBounce’s origins can be traced to (surprise surprise!) China! MoonBounce is a stage one malware that performs a multi-stage attack. MoonBounce allows its administrators to deploy stage-two malware later on that may be used to harvest data, run code, and more.
So far, only one instance of MoonBounce has been detected – on a computer belonging to a transportation services company.
Where does MoonBounce come from? Researchers are convinced that the malware is the work of APT41, a cybercrime group backed by China. MoonBounce and its complementary stage-two malware were detected communicating with APT41 servers.
The digital world continues to be inundated with fresh cyber threats. What are your thoughts? Let us know in the comments below. For more in the world of technology and science, keep reading…