How New Malware Could Wipe Your Data and What to Do About It

Poof, your information’s gone

By
Sascha Brodsky
Sascha Brodsky headshot
Sascha Brodsky
Senior Tech Reporter
  • Macalester College
  • Columbia University
Sascha Brodsky is a freelance journalist based in New York City. His writing has appeared in The Atlantic, the Guardian, the Los Angeles Times and many other publications.
lifewire's editorial guidelines
Published on December 15, 2022 11:28AM EST
Fact checked by
Jerri Ledford
Jerri Ledford
Fact checked by Jerri Ledford
  • Western Kentucky University
  • Gulf Coast Community College
Jerri L. Ledford has been writing, editing, and fact-checking tech stories since 1994. Her work has appeared in Computerworld, PC Magazine, Information Today, and many others.
lifewire's fact checking process
  • The newly discovered Azov virus is spreading fast and could erase your data. 
  • Experts say you should keep your antivirus software up to date. 
  • Be wary of clicking on electronic holiday greeting cards as they could contain malware like Azov.
Malware Detected Warning Screen with abstract binary code 3d digital concept

Olemedia / Getty Images

A new kind of computer virus could erase your data with the click of a button. 

Check Point Research recently discovered Azov, a previously unseen malware that the company says can destroy data on a device in an unrecoverable way. How? Azov works by overwriting your information with random data.

"Malware typically is trying to cause you harm in one form or another," Andrew Barratt, vice president of cybersecurity company Coalfire, told Lifewire in an email interview. "It's a bit like living with a criminal that you can't see. It's going to sit [at] your computer stealing anything that can give it access to your money, and if it can't do that—it's going to make your computer of limited use to you."

A Nasty Virus

Azov is a particularly unpleasant computer infection. Check Point Research said on its blog that one thing that sets Azov apart from recent ransomware is its ability to execute its own code. 

"This technique allows Azov to avoid detection by static definitions, as its payload can come in so many different forms," Jesh Sax, a technical account manager at cybersecurity company Tanium, told Lifewire via email. "Once on the system, Azov will corrupt the user's files and inject its code into other executables, [persisting throughout] the system unless it is completely wiped. This is a destructive piece of malware that circumvents many basic detection methods."

Azov is spreading quickly. Every day, hundreds of new Azov-related samples are submitted to VirusTotal, and as of November 2022, it has already exceeded 17,000.

Worryingly, Azov will also infect, or "backdoor," 64-bit Windows executable files—essential files used to launch and run applications—in a way that doesn't follow a pattern, Rizwan Virani, CEO of Alliant Cybersecurity, said in an email interview with Lifewire. Instead, Azov infects executable files in a polymorphic way, encoding a completely different code each time it corrupts one, making it harder for security researchers to detect and analyze it.

"Azov malware is a wiper malware that overwrites a file's content and corrupts data," Virani added. "The complex and random methods by which Azov corrupts files makes it more dangerous than some other malware we've seen before."

Keeping Your Data Safe

Experts say there are ways to guard against malware like Azov.

Virani said it's important to keep your computer and software up to date, including installing the latest antivirus software. He and Sax both added that people should always be careful before clicking on any links, downloading anything from the internet, or opening email attachments or images. 

"Downloads are one of the easiest ways malware can spread, so proceed with caution if a link is suspicious or unfamiliar," said Virani. "This extends to file-sharing sites, where there are few protections against malware, and it can lurk in a seemingly innocuous download for a popular movie, for example."

The complex and random methods by which Azov corrupts files makes it more dangerous than some other malware we’ve seen before.

If you're extra concerned about malware, Virani suggests using a non-administrator account that can't make system-wide changes for daily web browsing when possible. "Most computers can create multiple accounts, so it's better to do daily web browsing on an alternative account rather than risk infecting an admin account with malware," he added. 

Ironically, the holiday season is one time of the year when you need to be particularly careful about computer infections, Sergio Tenreiro de Magalhaes, the chair of cybersecurity programs for Champlain College, told Lifewire in an email interview. Many people send digital cards to their friends as email attachments or links in emails or text messages.

"Cybercriminals know this and create holiday cards that carry malware," he added. "Even if the sender is a trusted person, that person might not be aware that they are spreading malware with their holiday cards. Therefore, users should never open these attachments or click on those links, and they should not forward these emails or messages to their colleagues and friends."

Was this page helpful?