After publishing details about a new DDoS attack carried out by a group called "DarkSeoul" against South Korean sites, Symantec researchers have come across a new piece of malware designed to wipe the disks of infected systems.
The malware, detected as Trojan.Korhigh, is capable of deleting files and overwriting the Master Boot Record (MBR). In addition, it is capable of changing user passwords to "highanon2013" and deleting specific file types, including asp, html, php, jsp, etc.
Interestingly, the cybercriminals behind the malware designed the Trojan so that it changes the wallpaper of compromised computers to an Anonymous image.
The Trojan also attempts to gather system information, including the OS version, computer name, and current date, and sends it to a remote server.