This spyware sounds like a nasty piece of work:
Rombertik is spyware designed to collect data on everything a victim does online, doing so in an indiscriminate manner rather than focusing on areas such as Internet banking or social media accounts. After being loaded into a system via a phishing campaign and malicious email attachments, Rombertik runs a series of anti-analysis checks, such as checking to see if it is running within a sandbox.
Once complete, Rombertik will then decrypt and install itself on a victim's computer. Following installation, a second copy of itself is launched and overwritten with the malware's core spying functionality.
The spyware is unusual, however, in how far the malicious code will go to prevent detection, analysis and debugging. According to Cisco, before the malware begins spying on a victim Rombertik runs a final check to detect if it is being analyzed in memory. If this check fails, it will destroy the master boot record (MBR) of a compromised computer -- rendering the PC inoperable.
The usual precautions must be emphasized: back up regularly, don't open attachments from people you don't know, keep anti-virus software up-to-date, etc.