Oil Exporters Attacked by Malware Similar to That Used to Attack Iran
August 17, 2012 12:30 PM
comment(s) - last by
Attack vector differs slightly from the "Wiper" the malware used to attack the Iranian oil industry
Using a malware package
with tools with names like "Wiper", U.S. and Israeli intelligence teams are suspected of a concerted
campaign designed to cripple
Iran's oil industry
, a key supplier of Chinese demand and lifeblood of the Middle Eastern giant's economy.
But now the U.S. energy sector finds itself under attack by a somewhat similar piece of malware dubbed Shamoon or Disttrack by researchers
) and Intel Corp. (
The malware is named for its resident directory -- C:\Shamoon\ArabianGulf\wiper\release\wiper.pdb -- which, of course, is likely to change as new variants pop up. Shamoon means "Simon" in Arabic. There's also
Shamoon College of Engineering
in Israel -- another possible local name connection.
The malware contains a string in its compilation directory "wiper", making it clear that the authors intended it as at least a homage to the Iran-targeting Wiper. But Kaspersky Lab says that unlike Stuxnet -- where the U.S.'s anti-Iranian code was decompiled and used by malicious hackers -- the new malware is likely only an imitation, not repackaging.
The code uses different file and service names than the original Wiper. It also attacks with different attack pattern, though the net goal is the same -- to destroy hard drive data on infected energy sector computers.
Kaspersky Labs' analysis team
, "It is more likely that this is a copycat, the work of script kiddies inspired by the story."
But if script kiddies wrote the malware, they must be some pretty good ones. The malware has advanced networked propagation code, and overwrites the hard drive with a JPEG image found on the internet, preventing data recovery. While not exactly rocket science, those little touches are the kinds of sophistication oft overlooked by novice hackers.
Shamoon may have struck Saudi Arabia's oil industry, though infections are limited.
[Image Source: CNBC]
The state-owned Saudi Arabian Oil Comp., the world's largest oil producer and privately held company,
announced this week
that it was struck by a malware attack. It was unclear, however, whether Shamoon or a similar variant was responsible for the attack on one of America's largest foreign oil suppliers.
What is clear, based on expert reports is that the extent of infections is small, with Symantec reporting
less than 50 systems
This article is over a month old, voting and posting comments is disabled
8/17/2012 2:35:50 PM
Another excuse for gas to jump $.50/gal.
RE: Oh great
8/17/2012 6:36:56 PM
Still cheap compared to the past when you factor in the buying value of a $, not to mention even the worst cars use less fuel then a decade ago.
"The whole principle [of censorship] is wrong. It's like demanding that grown men live on skim milk because the baby can't have steak." -- Robert Heinlein
Microsoft Tightens Security, Deals IT Folks Headaches in Flame Fight
July 12, 2012, 12:00 PM
Microsoft Aims to Harden Windows Update to Fight "Flame"
June 6, 2012, 2:24 PM
Iranian Oil Industry Hit with Cyber Attack
April 24, 2012, 10:31 AM
Google's Gleaming Glass HQ Gets Mountain View Snub, LinkedIn Gets the Love
May 7, 2015, 6:58 AM
Tech's Tax Day Fortunate Few: Qualcomm, Xerox, GE, et al. Pay Little or No Taxes
April 15, 2015, 11:30 AM
LinkNYC Terminals to Blanket New York City With Free WiFi, Free Calls, and Ads
November 17, 2014, 6:50 PM
Microsoft is Open-Sourcing Most of .NET, Adding OS X and Linux Support
November 12, 2014, 8:27 PM
Home Depot Lost 53 Million Emails, Blames Windows, Buys Execs New Macs
November 9, 2014, 5:00 PM
Former NSA Lawyer: If Google, Apple Encrypt User Data, They’ll Wither on the Vine Like Blackberry
November 6, 2014, 12:15 PM
Most Popular Articles
SanDisk's 200GB microSDXC Card Turns Smartphones Into Enviable PMPs
June 26, 2015, 2:02 PM
Windows XP, Vista Users Can Get Free Windows 10 Upgrade Thanks to Loophole
June 23, 2015, 2:23 PM
U.S. Navy Spends $9M USD to Cling to Windows XP, Office 2003
June 24, 2015, 2:03 PM
SpaceX Falcon 9's Seventh Supply Mission to ISS Ends w/ Fiery Stage 1 Explosion
June 28, 2015, 1:10 PM
Under the Hood: Digging Into Sony's New CUH-1200 PS4, 1 TB Ultimate Player Ed.
June 23, 2015, 10:33 AM
Latest Blog Posts
Sceptre Airs 27", 120 Hz. 1080p Monitor/HDTV w/ 5 ms Response Time for $220
Dec 3, 2014, 10:32 PM
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
More Blog Posts
Copyright 2015 DailyTech LLC. -
Terms, Conditions & Privacy Information