Windows God Mode hack may attract malware attackers

There’s a Windows hack going around known as God Mode and at first glance, one could easily believe it to allow hackers completely command over a computer. However,this is not the case as God Mode only makes it possible for hackers to command Control Panel options and Settings.

That doesn’t mean the God Mode hack isn’t a problem, though: security researchers have claimed to have used the hack to create a¬†special folder to gain access to the Control Panel and all its features, something that could be exploited by malware.

While we didn’t take this thing too seriously before, this changes everything. According to McAfee, the God Mode easter egg is great for power users but one should bear in mind it can be used by attackers for nefarious purposes.

Should an attacker place certain files in the special folder, malware such as Dynamer could run undetected for quite some time.

McAfee researchers had the following to say via a blog post:

“It allows users to create a specially named folder that acts as a shortcut to Windows settings and special folders, such as control panels, My Computer, or the printers folder. This “God Mode” can come in handy for admins, but attackers are now using this undocumented feature for evil ends. Files placed within one of these master control panel shortcuts are not easily accessible via Windows Explorer because the folders do not open like other folders, but rather redirect the user.”

For various PC problems, we recommend to use this tool.

This tool will repair most computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Quickly fix PC issues and prevent others from happening with this software:

  1. Download ReimagePlus (100% safe download and endorsed by us).
  2. Click ‚ÄúStart Scan‚ÄĚ to find Windows issues that could be causing PC problems.
  3. Click ‚ÄúRepair All‚ÄĚ to fix all issues.

If you’re infected by Dynamer, a registry key is created and will persist even after multiple reboots. The following is what users should look for to determine if Dynamer is definitely on their system:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

lsm = C:\Users\admin\AppData\Roaming\com4.{241D7C96-F8BF-4F85-B01F-E2B043341A4B}\lsm.exe

To kill the problem once and for all, take the follow the steps below:

  1. First, the malware must be terminated (via Task Manager or other standard tools).
  1. Next, run this specially crafted command from the command prompt (cmd.exe):

rd ‚Äú\\.\%appdata%\com4.{241D7C96-F8BF-4F85-B01F-E2B043341A4B}‚ÄĚ /S /Q

RELATED STORIES YOU NEED TO CHECK OUT:

Tags:




Leave a Reply

Your email address will not be published. Required fields are marked *