Windows God Mode hack may attract malware attackers

2 minute read

Home » News » Windows God Mode hack may attract malware attackers

There’s a Windows hack going around known as God Mode and at first glance, one could easily believe it to allow hackers completely command over a computer. However,this is not the case as God Mode only makes it possible for hackers to command Control Panel options and Settings.

That doesn’t mean the God Mode hack isn’t a problem, though: security researchers have claimed to have used the hack to create a special folder to gain access to the Control Panel and all its features, something that could be exploited by malware.

While we didn’t take this thing too seriously before, this changes everything. According to McAfee, the God Mode easter egg is great for power users but one should bear in mind it can be used by attackers for nefarious purposes.

Should an attacker place certain files in the special folder, malware such as Dynamer could run undetected for quite some time.

McAfee researchers had the following to say via a blog post:

“It allows users to create a specially named folder that acts as a shortcut to Windows settings and special folders, such as control panels, My Computer, or the printers folder. This “God Mode” can come in handy for admins, but attackers are now using this undocumented feature for evil ends. Files placed within one of these master control panel shortcuts are not easily accessible via Windows Explorer because the folders do not open like other folders, but rather redirect the user.”

If you’re infected by Dynamer, a registry key is created and will persist even after multiple reboots. The following is what users should look for to determine if Dynamer is definitely on their system:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

lsm = C:\Users\admin\AppData\Roaming\com4.{241D7C96-F8BF-4F85-B01F-E2B043341A4B}\lsm.exe

To kill the problem once and for all, take the follow the steps below:

  1. First, the malware must be terminated (via Task Manager or other standard tools).
  1. Next, run this specially crafted command from the command prompt (cmd.exe):

rd “\\.\%appdata%\com4.{241D7C96-F8BF-4F85-B01F-E2B043341A4B}” /S /Q

RELATED STORIES YOU NEED TO CHECK OUT:

Discussions

Next up

How to enable Remote Desktop on Windows Server 2019

Rabia Noureen avatar. By: Rabia Noureen
2 minute read

Remote Desktop Connection is basically a protocol that helps you to connect to another computer that is available at a remote location. It seems like […]

Continue Reading

FIX: Outlook 2016 does not support setup for Exchange accounts

Tashreef Shareef avatar. By: Tashreef Shareef
2 minute read

Microsoft Outlook 2016 does not support manual setup for an Exchange account directly from the add accounts interface. The add account now has only two […]

Continue Reading

Xbox Live won’t work on child account? Here are the 2 ways fix it

Tashreef Shareef avatar. By: Tashreef Shareef
2 minute read

To prevent fraud and protect children from the online threat Xbox allows the parents to create Child account with restrictions. However, the parents can share […]

Continue Reading