Tuesday, July 17, 2012

Mahdi 'Messiah' malware targeted Israel, Iran PCs




This graphic shows the number of infections by country.


(Credit: Seculert)

A data-stealing Trojan capable of recording keystrokes, screenshots and audio and stealing text and image files has infected about 800 computers, mostly in Iran and Israel, over the last eight months, researchers said today.


The malware, dubbed "Mahdi" (also "Madi") because of references in the code to the word for the Islamic Messiah, included strings in Farsi and dates in the Persian calendar format in its communications with a command-and-control server in at least one of the variants, and used a server located in Iran for at least one campaign, according to a blog post from Israel-based security firm Seculert. The victims included critical infrastructure companies, government embassies and financial services firms in Iran, Israel, Afghanistan, UAE, Saudi Arabia and other Middle Eastern countries, as well as the U.S. and New Zealand, Symantec reported.


Despite the types of victims and countries affected, the researchers said it was unclear whether it was a state-sponsored attack or not.


The campaigns started out with social engineering via an e-mail attachmen...



