Post reply

Name:
Email:
Subject:
Message icon:

Verification:
Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

shortcuts: hit alt+s to submit/post or alt+p to preview


Topic Summary

Posted by: Samker
« on: 17. August 2012., 17:50:15 »



If your Windows-based computer suddenly won't boot up, it could be the evil doing of malicious malware that deletes the contents of your computer -- farewell, documents, pictures, and videos -- and then prevents reboot.

Just spotted in the wild, it's being called either Disttrack (McAfee's name) or the Shamoon attacks (Symantec's), and researchers say it's notable because it's been a long while since they've noticed malware going to such lengths to truly make someone's life miserable in this way by deleting personal files.

"Ten years ago we used to see purely malicious threats like this," muses Symantec researcher Liam O Murchu. He said there's some uncertainty at this point about exactly how the malware spreads -- it's an executable so it could likely arrive as an e-mail attachment that when opened infects a vulnerable computer -- but one thing is certain: If your computer gets hit and you can't reboot, you have a real problem. So far, there's some indication that Shamoon may be part of a targeted attack against the energy sector companies.

"It can be difficult getting anything working again," O Murchu says about what happens when a Shamoon attack hits a computer: http://www.symantec.com/connect/blogs/shamoon-attacks
The likely scenario for the victim would be an experience in which the computer is booting up, but all the files get erased, and the computer collapses into a non-bootable state. In that event, it would probably require the help of IT professionals with experience in recovery services to get things going again, perhaps by replacing the master boot record, or connecting the hard drive to another computer to use it to access the damaged one, he adds.

So far, though, Shamoon -- Symantec calls it that because of strings found in the malware folders saying that, as well as "Arabian Gulf" -- doesn't appear to be something that's being blasted out to a very wide audience. In fact, Shamoon malware seems to be aimed at very specific targets.

"It may be targeted at particular companies," says O Murchu. At this point, Symantec thinks it's possible that oil companies in the energy sector could be intended targets of Shamoon.

(PCW)
Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising