Security experts warn of crippling malware threat

New malware steals log-in details and leaves the victim's PC unusable

Security firm Webroot has warned of a "sinister" new threat that apparently uses malware to render a PC unbootable.

The firm said in a blog post that it had seen a number of new twists on existing malware that take a "scorched earth" approach to infected computers.

Andrew Brandt, a security researcher at Webroot, said that the malware attacks take data from a PC before making it unbootable. The attacks are so severe that any attempt to remove the malware causes the machine to crash repeatedly.

"Since the middle of last year, we've seen a sprinkling of malware that wipes out key files on the hard drive, sometimes preventing a reboot, after an infection," he said.

"This trend appears to be getting worse, leaving perplexed and angry victims unable to use their computers."

Infected computers are also added to a large botnet, according to Webroot, and a likely source for the infection is the Zbot Trojan, which is most often used to steal data and key-logging information.

"The bot is remarkably efficient at stealing any saved credentials or other usable log-in data, then sending it onwards within seconds of the infection taking hold on a PC," said Brandt.

Another likely culprit is the Tacticlol downloader, which usually comes in the body of an email, a Facebook update or other attachment.

Brandt said that Tacticlol can disable most common web browsers, and can lead to a forced Windows reinstallation.

Typically, Tacticlol will produce fake security notices, and will execute only if it is tampered with, according to Brandt.