PC users alerted on cyberweapon-like malware in the wild


In one example, opening the PowerPoint attachment displays a series of video stills showing a missile destroying a jet plane. During the final PowerPoint slide, a dialog window is displayed to the user requesting permission to run an executable file.

Symantec said it detected this malicious executable as Trojan.Madi using the latest LiveUpdate definitions. It is capable of stealing information, including key-logging functionality.

"The Trojan can also update itself. We have observed Trojan.Madi communicating with command-and-control servers hosted in Iran and, more recently, Azerbaijan," the company said.

It added: "Targets of the Madi campaign appear to be all over the spectrum but include oil companies, US-based think tanks, a foreign consulate, as well as various governmental agencies, including some in the energy sector."

Although Madi has been seen targeting various Middle Eastern countries, it has also been found across the globe from the United States to New Zealand.

Where high-profile attacks such as Flamer, Duqu, and Stuxnet utilize different techniques to exploit systems, including leveraging zero-day attacks, the Madi attack relies on social engineering techniques to get onto targeted computers.

Targets like Iran, Israel, and Saudi Arabia might suggest involvement of a nation state. However, Symantec said its research has not found evidence that this is the case.

"Instead, the current research indicates these attacks are being conducted by an unknown Farsi-speaking hacker with a broad agenda," it said.
