Windows God Mode hack may attract malware attackers

2 minute read

Home » News » Windows God Mode hack may attract malware attackers

There’s a Windows hack going around known as God Mode and at first glance, one could easily believe it to allow hackers completely command over a computer. However,this is not the case as God Mode only makes it possible for hackers to command Control Panel options and Settings.

That doesn’t mean the God Mode hack isn’t a problem, though: security researchers have claimed to have used the hack to create a special folder to gain access to the Control Panel and all its features, something that could be exploited by malware.

While we didn’t take this thing too seriously before, this changes everything. According to McAfee, the God Mode easter egg is great for power users but one should bear in mind it can be used by attackers for nefarious purposes.

Should an attacker place certain files in the special folder, malware such as Dynamer could run undetected for quite some time.

McAfee researchers had the following to say via a blog post:

“It allows users to create a specially named folder that acts as a shortcut to Windows settings and special folders, such as control panels, My Computer, or the printers folder. This “God Mode” can come in handy for admins, but attackers are now using this undocumented feature for evil ends. Files placed within one of these master control panel shortcuts are not easily accessible via Windows Explorer because the folders do not open like other folders, but rather redirect the user.”

If you’re infected by Dynamer, a registry key is created and will persist even after multiple reboots. The following is what users should look for to determine if Dynamer is definitely on their system:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

lsm = C:\Users\admin\AppData\Roaming\com4.{241D7C96-F8BF-4F85-B01F-E2B043341A4B}\lsm.exe

To kill the problem once and for all, take the follow the steps below:

  1. First, the malware must be terminated (via Task Manager or other standard tools).
  1. Next, run this specially crafted command from the command prompt (cmd.exe):

rd “\\.\%appdata%\com4.{241D7C96-F8BF-4F85-B01F-E2B043341A4B}” /S /Q

RELATED STORIES YOU NEED TO CHECK OUT:

Discussions

Next up

Your browser doesn’t allow clipboard access [FAST FIX]

Vladimir Popescu avatar. By: Vladimir Popescu
3 minute read

A large number of users have reported that the copy-paste function doesn’t work inside their browser, and an error message appears saying Your browser doesn’t […]

Continue Reading

This program is blocked by Group Policy [QUICK GUIDE]

Alexandra Miu avatar. By: Alexandra Miu
2 minute read

Have you ever encountered This program is blocked by Group Policy error on your PC? Fortunately for you, this error is relatively simple to fix, […]

Continue Reading

The 14 best firewall devices to protect your home network

Milan Stanojevic avatar. By: Milan Stanojevic
18 minute read

Although the Internet offers an abundance of information, many users are concerned about their security online. Most routers offer solid firewall protection, but if you […]

Continue Reading