Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
IT

Data-Wiping Malware Shamoon Destroys Files At Italian Oil and Gas Company; Other Energy Companies Operating in the Middle East Warned of Cyber Attacks (zdnet.com) 22

An anonymous reader writes: A new variant of the Shamoon malware was discovered on the network of an Italian and UAE oil and gas companies. While the damage at the UAE firm is currently unknown, the malware has been confirmed to have destroyed files on about ten percent of the Italian company's PC fleet.

Shamoon is one of the most dangerous strains of malware known to date. It was first deployed in two separate incidents that targeted the infrastructure of Saudi Aramco, Saudi Arabia's largest oil producer, in 2012 and 2016. During those incidents, the malware wiped files and replaced them with propaganda images (burning US flag, body of Alan Kurdi). The 2012 attack was devastating in particular, with Shamoon wiping data on over 30,000 computers, crippling the company's activity for weeks. Historically, the malware has been tied to the Iranian regime, but it's unclear if Iranian hackers were behind this latest attacks. This new Shamoon version was revealed to the world when an Italian engineer uploaded the malware on VirusTotal, triggering detections at all major cyber-security firms across the globe.

This discussion has been archived. No new comments can be posted.

Data-Wiping Malware Shamoon Destroys Files At Italian Oil and Gas Company; Other Energy Companies Operating in the Middle East W

Comments Filter:
  • was revealed to the world when an Italian engineer uploaded the malware on VirusTotal, triggering detections at all major cyber-security firms across the globe

    So at that time, all of the sirens in the AV companies went off exactly at the same time.

    There must have been some fun support phone calls there. Signatures are not a bad _first_ step, but really? That's the best we can mostly do??

    I had one once trigger on a BAT file I had just written. We had a support contact with an unnamed company, but our McAfee support rep was a bit confused. "How can you be confused? I'm using your predefined scan settings. I wrote it from scratch, so unless there's virus

  • by nuckfuts ( 690967 ) on Thursday December 13, 2018 @06:15PM (#57800924)

    This version of Shamoon overwrites original files with garbage data. This garbage data might look like encrypted content to an untrained eye, but it's just random bits of information that can't be recovered with an encryption key.

    LOL. I'd like to meet the "trained eye" that can discern "random bits of information" from "encrypted content".

  • Are there really that many computers at large multi-national corporations running the 32 bit NT kernel? Why? Answer in 100,000 words or less.

The truth of a proposition has nothing to do with its credibility. And vice versa.

Working...