Oil Exporters Attacked by Malware Similar to That Used to Attack Iran
August 17, 2012 12:30 PM
comment(s) - last by
Attack vector differs slightly from the "Wiper" the malware used to attack the Iranian oil industry
Using a malware package
with tools with names like "Wiper", U.S. and Israeli intelligence teams are suspected of a concerted
campaign designed to cripple
Iran's oil industry
, a key supplier of Chinese demand and lifeblood of the Middle Eastern giant's economy.
But now the U.S. energy sector finds itself under attack by a somewhat similar piece of malware dubbed Shamoon or Disttrack by researchers
) and Intel Corp. (
The malware is named for its resident directory -- C:\Shamoon\ArabianGulf\wiper\release\wiper.pdb -- which, of course, is likely to change as new variants pop up. Shamoon means "Simon" in Arabic. There's also
Shamoon College of Engineering
in Israel -- another possible local name connection.
The malware contains a string in its compilation directory "wiper", making it clear that the authors intended it as at least a homage to the Iran-targeting Wiper. But Kaspersky Lab says that unlike Stuxnet -- where the U.S.'s anti-Iranian code was decompiled and used by malicious hackers -- the new malware is likely only an imitation, not repackaging.
The code uses different file and service names than the original Wiper. It also attacks with different attack pattern, though the net goal is the same -- to destroy hard drive data on infected energy sector computers.
Kaspersky Labs' analysis team
, "It is more likely that this is a copycat, the work of script kiddies inspired by the story."
But if script kiddies wrote the malware, they must be some pretty good ones. The malware has advanced networked propagation code, and overwrites the hard drive with a JPEG image found on the internet, preventing data recovery. While not exactly rocket science, those little touches are the kinds of sophistication oft overlooked by novice hackers.
Shamoon may have struck Saudi Arabia's oil industry, though infections are limited.
[Image Source: CNBC]
The state-owned Saudi Arabian Oil Comp., the world's largest oil producer and privately held company,
announced this week
that it was struck by a malware attack. It was unclear, however, whether Shamoon or a similar variant was responsible for the attack on one of America's largest foreign oil suppliers.
What is clear, based on expert reports is that the extent of infections is small, with Symantec reporting
less than 50 systems
This article is over a month old, voting and posting comments is disabled
RE: The United States...
Dr of crap
Dr of crap
8/20/2012 11:37:12 AM
You DO KNOW that trading of oil futures is where the money is being made, and plenty of it and THAT'S where the price control is.
You can down play it all you want, but in the end remove futures trading and we'd be at least a $1 less per gallon, maybe more.
"A politician stumbles over himself... Then they pick it out. They edit it. He runs the clip, and then he makes a funny face, and the whole audience has a Pavlovian response." -- Joe Scarborough on John Stewart over Jim Cramer
Microsoft Tightens Security, Deals IT Folks Headaches in Flame Fight
July 12, 2012, 12:00 PM
Microsoft Aims to Harden Windows Update to Fight "Flame"
June 6, 2012, 2:24 PM
Iranian Oil Industry Hit with Cyber Attack
April 24, 2012, 10:31 AM
Report: AT&T Eyeing $40B DirecTV Purchase
May 1, 2014, 8:00 AM
WebOS Class Action Settlement Costs HP $57 Million
April 1, 2014, 10:22 AM
IBM Workers Strike Over Terms of Deal That Will Have Them Working for Lenovo
March 6, 2014, 9:29 AM
Google Picking Up Artificial Intelligence Company "DeepMind" for $400 Million
January 27, 2014, 9:25 AM
Quick Note: Qualcomm Grabs up Palm, IPAQ, and Bitfone Patent Portfolio from HP
January 24, 2014, 9:18 AM
Verizon Buys Intel Media OnCue Cloud TV assets
January 21, 2014, 10:26 AM
Most Popular Articles
1 Million Credit Card Activated on Apple Pay Within 72 Hours, Walmart CEO Hopes Visa "Suffers"
October 28, 2014, 8:17 AM
Amid Theater Boycott Netflix Defiantly Plans New Movies, Plus 3 TV Shows for 2015
October 24, 2014, 7:30 PM
CVS, Rite Aid Kill Unofficial Apple Pay Support, Burn Google Wallet Users in the Process
October 25, 2014, 5:26 PM
Microsoft's Figures Show Desktop Users Flocking to Windows 10 Preview
October 27, 2014, 11:04 AM
Fitbit's $249 Surge Fitness Watch Packs 7-Day Battery Life, Two Other Models Also Air
October 27, 2014, 4:20 PM
Latest Blog Posts
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
Space Terrorism is a Looming Threat For the United States
Apr 23, 2014, 7:47 PM
More Blog Posts
Copyright 2014 DailyTech LLC. -
Terms, Conditions & Privacy Information