MBR Worm Win32/Zimuse.A Attacks Computers’ Hard Disk

Posted on January 26, 2010


The MBR Worm Win32/Zimuse.A has already attacked hundreds of computers with its ability to overwrite master boot records (MBRs) of all available drives with its own data.

This ruthless tactic makes all the data stored on a user’s computer totally inaccessible. Experts say restoring the corrupted data is complicated, requiring specialized software or a third-party service provider.

Win32/Zimuse.A and Win32/Zimuse.B have been detected on hundreds of computers all over the world, according to security service providers. Initially after the outbreak, only users in Slovakia were affected, accounting for more than 90 percent of all infections. Now, however, the greatest number of infected computers is in the United States, followed by Slovakia, Thailand, and Spain.

This worm spreads in two ways: it can be embedded in legitimate websites in the form of a self-unpacking ZIP file or an IQ test program, or it can spread via portable media, such as a USB device. Its ability to spread via portable media allows the worm to spread faster and cause more problems.

The worm’s two variants – Win32/Zimuse.A and Win32/Zimuse.B – differ in the way they spread and the timing of activation. While Win32/Zimuse.A needs 10 days to start spreading via USB devices, Win32/Zimuse.B needs only seven days after infiltration, experts say. Moreover, the time needed before the destructive routine executes is shortened in Win32/Zimuse.B from the original 40 days to 20.

Some observers say Win32/Zimuse.A creates total chaos if a removal method is used and fails. Win32/Zimuse.A has the ability to shift to destructive mode, so be very careful what anti-spyware program you use to keep your PC free of worms.
