Names | BootWreck MBRkiller | |
Category | Malware | |
Type | Wiper | |
Description | (Flashpoint) Wiper malware that may have destroyed as many as 9,000 workstations and 500 servers inside the Banco de Chile in a late-May attack has similarities to the Buhtrap malware component known as MBR Killer, leaked to the underground in February 2016. Analysts at Flashpoint reverse-engineered the identified malware linked to the May 24 attack against the country’s largest financial institution, and said the malware is a modified version of a MBR Killer module known as kill_os. MBR Killer infections render the local operating system and the Master Boot Record unreadable. | |
Information | <https://www.flashpoint-intel.com/blog/banco-de-chile-mbr-killler-reveals-hidden-nexus-buhtrap/> | |
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.bootwreck> |
Last change to this tool card: 24 April 2021
Download this tool card in JSON format
Changed | Name | Country | Observed | ||
APT groups | |||||
Lazarus Group, Hidden Cobra, Labyrinth Chollima | 2007-Sep 2024 |
1 group listed (1 APT, 0 other, 0 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |