VnutZ Domain
Copyright © 1996 - 2020 [Matthew Vea] - All Rights Reserved

2012-08-17

Data Wiping Malware

Tagged As: Hacking, Malware, and Security

With the exception of Stuxnet, none of the recent big malware discoveries trampling the Middle East have been destructive. Duqu, Flame and Gauss, among others, all seem to be oriented towards spying, as they feature the traditional key loggers, microphone enablers, etc. Yet another piece of malware has been found lurking about, this time in Saudi Arabian energy systems, and it's destructive. The malware has bounced between being named Shamoon and Wiper, based on strings found internally. In a nutshell, reverse engineers have discovered it uses a legitimate, signed driver (stolen) in order to gain low-level disk access to perform a data wipe. Continued analysis suggests the malware also exfiltrates information about the target computer to an internal node used as a single point of presence for assessing its destructive success. All of this is consolidated in a nice, neat little delivery package totaling only about 900kb.


