Malicious Windows malware “Shamoon” deletes computer contents, prevents reboot

Ellen Messmer (Network World)
16 August, 2012 19:29
Comments

If your Windows-based computer suddenly won't boot up, it could be the evil doing of malicious malware that deletes the contents of your computer -- farewell, documents, pictures and videos -- and then prevents reboot.

Just spotted in the wild, it's being called either Disttrack (McAfee's name) or the Shamoon attacks (Symantec's), and researchers say it's notable because it's been a long while since they've noticed malware going to such lengths to truly make someone's life miserable in this way by deleting personal files.

IN THE NEWS: Tech Bullies Behaving Badly

MORE: Nine 'everything-as-a-service' (XaaS) companies to watch

"Ten years ago we used to see purely malicious threats like this," muses Symantec researcher Liam O Murchu. He said there's some uncertainty at this point about exactly how the malware spreads -- it's an executable so it could likely arrive as an email attachment that when opened infects a vulnerable computer -- but one thing is certain: If your computer gets hit and you can't reboot, you have a real problem. So far, there's some indication that Shamoon may be part of a targeted attack against the energy sector companies.

"It can be difficult getting anything working again," O Murchu says about what happens when a Shamoon attack hits a computer. The likely scenario for the victim would be an experience in which the computer is booting up, but all the files get erased, and the computer collapses into a non-bootable state. In that event, it would probably require the help of IT professionals with experience in recovery services to get things going again, perhaps by replacing the master boot record, or connecting the hard drive to another computer to use it to access the damaged one, he adds.

So far, though, Shamoon -- Symantec calls it that because of strings found in the malware folders saying that, as well as "Arabian Gulf" -- doesn't appear to be something that's being blasted out to a very wide audience. In fact, Shamoon malware seems to be aimed at very specific targets.

"It may be targeted at particular companies," says O Murchu. At this point, Symantec thinks it's possible that oil companies in the energy sector could be intended targets of Shamoon.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email: emessmer@nww.com.

Read more about wide area network in Network World's Wide Area Network section.

"Suggesting that people's "purpose is to get information to flow through the ..."

Why change management doesn’t work
"Darn those pesky laws that get in the way of commercial exploitation ..."

Larry Page wants to see your medical records
"Instead of partitioning the device between corporate and personal data, another approach ..."

Dual-Persona Smartphones Not a BYOD Panacea
"Well that's a nice back-handed compliment isn't it? So now, finally, my ..."

After two-year hiatus, EFF accepts bitcoin donations again
"Actually, both Mobile App developers and CIOs should be blamed for it. ..."

CIOs struggle to deliver timely mobile business apps: survey

Latest Blog Posts

Whitepapers

Benefits of Deploying Microsoft Exchange Server 2010 on Dell Compellent with Data Progression
Messaging and collaboration platforms have emerged as mission critical applications, consuming a large portion of IT spending for organisations. The rich features in these applications have significantly changed the messaging requirements and needs of today’s information from anywhere with any device, the result is an ever increasing demand on storage systems both in terms of capacity and bandwidth. Many organisations are rethinking their storage strategies to meet the demanding criteria and to handle the future requirements. Read more.

Learn more »
Agentless Security for Virtual Environments
Virtualised datacentres, desktops, and cloud computing should be secured by the same strong protection technologies as physical machines. However, traditional agent-based solutions that are not architected for virtualisation can result in a number of significant operational security issues. Find out more about the first agentless security platform solution.

Learn more »
Batten Down the Hatches! A Guide to Protecting Data in Motion
The risks facing high-speed data networks and unencrypted data while in motion are very real and on the rise. As information becomes one of the most valuable ‘off balance sheet’ assets, protection of that information and the investment in it is a paramount obligation of office-holders and management. Read now for a better understanding of the risks to data in motion.

Learn more »

All whitepapers

Most Read
Most Commented

Get exclusive access to Invitation only events CIO, reports & analysis.

Latest Jobs

FTJob Title: Mac Systems/ Enterprise Systems EngineerNZ
FT.NET - Sitecore Developer - Melbourne - PermNSW
FTOS Web Applications DeveloperNSW
FTQuality ManagerSA
FTSenior Python DeveloperNSW
FTLead Software EngineerSA
FTFlash / ActionScript Developer - ContractNSW
FTR&D EngineerSA

Zones

Featured Whitepapers

Best Practice in BYOD

The key trend affecting enterprise mobility today can be summarized in four letters: BYOD – Bring Your Own Device. As the number of end-users bringing devices into your organization grows, ...

Recent comments

"Suggesting that people's "purpose is to get information to flow through the ..."
Why change management doesn’t work
"Darn those pesky laws that get in the way of commercial exploitation ..."
Larry Page wants to see your medical records
"Instead of partitioning the device between corporate and personal data, another approach ..."
Dual-Persona Smartphones Not a BYOD Panacea
"Well that's a nice back-handed compliment isn't it? So now, finally, my ..."
After two-year hiatus, EFF accepts bitcoin donations again
"Actually, both Mobile App developers and CIOs should be blamed for it. ..."
CIOs struggle to deliver timely mobile business apps: survey

Follow CIO

Market Place

Now out of the office never means out of the loop. Office 365 – your complete office in the cloud.

Deploying mobility worthwhile challenge hear what CIOs have to say.. Read more

Switch on The Symantec Business Critical Virtualisation Content Zone

Australian Breakfast Road Show: Enabling Proactive Security for Tomorrow's Business Trends

Latest Jobs

Subscribe to CIO

Critical. Authoritative. Strategic. CIO magazine addresses the issues vital to the success of IT and business executives. Solutions-oriented editorial provides a greater understanding of the role IT plays in achieving corporate goals. Subscribe to the print edition today.

Download OPML file for import with all IDG RSS feeds

CSO Online Data Security Briefing

Malicious Windows malware “Shamoon” deletes computer contents, prevents reboot

Recommended

The pros and cons of IT offshoring

Think Tank: Better IT governance

Project management methodologies

Homeless multinationals and taxing decisions

IT sourcing: in or out?

Avoiding your cloud vendor’s success trap

10 Tips for Dealing with a Bully Boss

5 open source help desk apps to watch

How to define the scope of a project

PMBOK vs PRINCE2 vs Agile project management

Think Tank: Tips for IT strategic planning success

Opinion: Why national e-health is not for everyone

Dual-Persona Smartphones Not a BYOD Panacea

Larry Page wants to see your medical records

ACS to help redundant staff in Queensland

eBay bids on big data challenge

Symantec Business Critical Virtualisation Content Zone

BlackBerry Enterprise Service 10 Zone

HP Tech Connect Resource Centre

Best Practice in BYOD

Enable Flexible Working

Legal Compliance in Electronic Record Keeping

Note to CIOs: Get Your Head in the Cloud

How to Navigate Today’s Supply Chain Challenges