
| Names | BootWreck, MBRkiller |
| Category | Malware |
| Type | Wiper |
| Description | (Flashpoint) Wiper malware that may have destroyed as many as 9,000 workstations and 500 servers inside the Banco de Chile in a late-May attack has similarities to the Buhtrap malware component known as MBR Killer, leaked to the underground in February 2016. Analysts at Flashpoint reverse-engineered the identified malware linked to the May 24 attack against the country’s largest financial institution, and said the malware is a modified version of a MBR Killer module known as kill_os. MBR Killer infections render the local operating system and the Master Boot Record unreadable. |
| Information | <https://www.flashpoint-intel.com/blog/banco-de-chile-mbr-killler-reveals-hidden-nexus-buhtrap/> |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.bootwreck> |

Last change to this tool card: 24 April 2021

APT groups

| Changed | Name | Country | Observed |
|---|---|---|---|
| | Lazarus Group, Hidden Cobra, Labyrinth Chollima | | 2007-May 2025 |

1 group listed (1 APT, 0 other, 0 unknown)