A new trojan horse executable with the name google_accessibility.exe is making the rounds. Purporting to enable the blind and visually impaired to work around Google’s inaccessible visual verification scheme, it actually corrupts the data on the attacked system’s hard drives, rendering such systems inaccessible and effectively useless. In addition, all data on any mapped drives connected to the attacked system over a network share is completely erased. Recovery requires a full reformat and clean reinstallation of the operating system and all applications.

Google_accessibility.exe is extremely tempting to those whom have found themselves increasingly locked out of Google’s services due to inaccessible visual verification, but this trojan horse is not our salvation and must be avoided at all costs. A confirmed case of this attack resulted in the following catestrophic consequences:

  • JAWS went silent after the program was run.
  • A restart resulted in an unbootable operating system.
  • The data on the attached hard drive was so corrupted as to be impractical to recover.
  • A complete reformat and clean installation of Windows was required in order to restore the system to correct functionality.
  • A backup drive connected by way of a network share was wiped clean.
  • Approximately 100 GB of accessibility advocacy related materials, contact information, correspondence, documentation, e-mail, financial records, music, podcasts and other similarly critical data were completely lost.
  • Tens or perhaps hundreds of hours may be required to restore the Accessibility Command Center to full operation!