Chinese hackers have unleashed a new piece of malicious software that can survive Windows OS reinstalls and remains on your machine even after being deleted. It lives in the Startup folder and is labelled Intel Update.exe. Intel Update.exe is a trojan that works to compromise your machine even when you think you've deleted it.
What does Intel Update.exe do?
Intel Update.exe is malware that persists on your machine regardless of deletion or Windows OS reinstallation. It does this by attacking your endpoint's UEFI (Unified Extensible Firmware Interface). This lets it survive an operating system reinstall while not being affected by traditional anti-virus software.
The ultimate aim of this malware is to deliver other hacking tools to the targeted endpoint, including a document compromiser. This is used to extract important documents from the directory before uploading them to the hackers' command and control server. These documents are usually extremely important to companies, and if they are compromised it will cost a lot of money to recover.
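As a check for the persistence described above, the following added example (not part of the original article and not vendor tooling) looks for the reported file name in the all-users and per-user Startup folders and records its hash and signature status for triage. It assumes the standard Windows Startup folder locations and, as a further assumption, also matches the name written without the space.

```powershell
# Added example: look for the file name this article reports in Windows Startup folders.
# Run in an elevated PowerShell session so every user profile can be read.
$reportedName = 'Intel Update.exe'   # name as given in the article

# Compare with spaces removed so a spacing variant of the name still matches (assumption).
$needle = ($reportedName -replace '\s', '').ToLowerInvariant()

# Startup folders: the all-users one plus one per local profile (standard locations).
$startupDirs = @(Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu\Programs\StartUp')
$startupDirs += Get-ChildItem -Path (Join-Path $env:SystemDrive 'Users') -Directory -Force -ErrorAction SilentlyContinue |
    ForEach-Object { Join-Path $_.FullName 'AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup' }

$hits = foreach ($dir in $startupDirs) {
    if (-not (Test-Path -LiteralPath $dir)) { continue }
    Get-ChildItem -LiteralPath $dir -File -Force -ErrorAction SilentlyContinue |
        Where-Object { ($_.Name -replace '\s', '').ToLowerInvariant() -eq $needle } |
        ForEach-Object {
            # Hash and signature are collected for triage; they do not prove the file is malicious.
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
            [pscustomobject]@{
                Path      = $_.FullName
                Created   = $_.CreationTimeUtc
                SHA256    = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                Signature = $sig.Status
                Signer    = $sig.SignerCertificate.Subject
            }
        }
}

if ($hits) {
    $hits | Format-List
    # Per the article, the file comes back after deletion or an OS reinstall.
    Write-Warning 'Match found. Deleting the file or reinstalling Windows does not remove UEFI-level persistence; treat the firmware as suspect.'
} else {
    Write-Output 'No matching file in any Startup folder.'
}
```

A clean result only means the file is not currently in a Startup folder; it says nothing about the state of the UEFI firmware itself.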
It is the virus that just doesn't go away, and it can be very detrimental to your machine. So, how exactly can we stop this malicious software?
How Can We Prevent This Virus?
- Making sure you have the correct security measures in place to protect your computers from this virus is an important step to take, especially with the growing threats that have been associated with it and the amount of damage it can cause for your company. For example, you should have next generation security measures in place, which are more advanced than regular ones. You can do this by contacting us for your Cyber Security Risk Assessment.
- Sophos Intercept X should be in place. Here at CSG, we can implement Sophos Intercept X and Endpoint Protection Advanced to give you anti-exploit, anti-ransomware, cause analysis, system clean and the best anti-malware.
- What does Sophos Intercept X do? How does it protect? Intercept X uses deep learning, an advanced form of machine learning, to detect both known and unknown malware without relying on signatures.
- Intercept X blocks ransomware and any potential threats that could maliciously encrypt files on your device.
- Intercept X Advanced with EDR allows you to ask any question you have regarding the past or the present status of your machines.
For more information contact our team on 0330 400 5465