Jump to content

New Money-Destroying Virus Attacks Iran

Draggingtree

By Draggingtree
in News & Opinion

 Share

Recommended Posts

Draggingtree

Draggingtree

Posted
Posted

Gizmodo

 

 

 

New Money-Destroying Virus Attacks Iran

 

 

Sam Biddle

 

After the US and Israel cooked up Stuxnet—a potent cyber weapon aimed at Iran's nuclear facilities—whenever a virus targets Iran, it could be something major. This time around, the web threat wants to erase Iranian banks.

 

The worm, which Symantec has dubbed W32.Narilam, started creeping through Iranian financial servers over the past several days:

 

Just like many other worms that we have seen in the past, the threat copies itself to the infected machine, addsregistry keys, and spreads through removable drives and network shares. It is even written using Delphi, which is a language that is used to create a lot of other malware threats. All these aspects of this threat are normal enough, what is unusual about this threat is the fact that it has the functionality to update a Microsoft SQL database if it is accessible by OLEDB. The worm specifically targets SQL databases with three distinct names: alim, maliran, and shahd.

 

The following are some of the object/table names that can be accessed by the threat: Scissors-32x32.png

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
  • 1715715720
×
×
  • Create New...