Malicious Windows malware “Shamoon” deletes computer contents, prevents reboot
- 16 August, 2012 19:29
If your Windows-based computer suddenly won't boot up, it could be the evil doing of malicious malware that deletes the contents of your computer -- farewell, documents, pictures and videos -- and then prevents reboot.
Just spotted in the wild, it's being called either Disttrack (McAfee's name) or the Shamoon attacks (Symantec's), and researchers say it's notable because it's been a long while since they've noticed malware going to such lengths to truly make someone's life miserable in this way by deleting personal files.
IN THE NEWS: Tech Bullies Behaving Badly
"Ten years ago we used to see purely malicious threats like this," muses Symantec researcher Liam O Murchu. He said there's some uncertainty at this point about exactly how the malware spreads -- it's an executable so it could likely arrive as an email attachment that when opened infects a vulnerable computer -- but one thing is certain: If your computer gets hit and you can't reboot, you have a real problem. So far, there's some indication that Shamoon may be part of a targeted attack against the energy sector companies.
"It can be difficult getting anything working again," O Murchu says about what happens when a Shamoon attack hits a computer. The likely scenario for the victim would be an experience in which the computer is booting up, but all the files get erased, and the computer collapses into a non-bootable state. In that event, it would probably require the help of IT professionals with experience in recovery services to get things going again, perhaps by replacing the master boot record, or connecting the hard drive to another computer to use it to access the damaged one, he adds.
So far, though, Shamoon -- Symantec calls it that because of strings found in the malware folders saying that, as well as "Arabian Gulf" -- doesn't appear to be something that's being blasted out to a very wide audience. In fact, Shamoon malware seems to be aimed at very specific targets.
"It may be targeted at particular companies," says O Murchu. At this point, Symantec thinks it's possible that oil companies in the energy sector could be intended targets of Shamoon.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email: firstname.lastname@example.org.
Read more about wide area network in Network World's Wide Area Network section.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Why change management doesn’t work
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Benefits of Deploying Microsoft Exchange Server 2010 on Dell Compellent with Data Progression
Messaging and collaboration platforms have emerged as mission critical applications, consuming a large portion of IT spending for organisations. The rich features in these applications have significantly changed the messaging requirements and needs of today’s information from anywhere with any device, the result is an ever increasing demand on storage systems both in terms of capacity and bandwidth. Many organisations are rethinking their storage strategies to meet the demanding criteria and to handle the future requirements. Read more.
Agentless Security for Virtual Environments
Virtualised datacentres, desktops, and cloud computing should be secured by the same strong protection technologies as physical machines. However, traditional agent-based solutions that are not architected for virtualisation can result in a number of significant operational security issues. Find out more about the first agentless security platform solution.
Batten Down the Hatches! A Guide to Protecting Data in Motion
The risks facing high-speed data networks and unencrypted data while in motion are very real and on the rise. As information becomes one of the most valuable ‘off balance sheet’ assets, protection of that information and the investment in it is a paramount obligation of office-holders and management. Read now for a better understanding of the risks to data in motion.