Destructive Malware Returns to Target Oil and Gas Industry

After a two-year absence, the destructive malware Shamoon (W32.Disttrack.B) re-emerged on December 10 in a new wave of attacks against targets in the Middle East. These latest Shamoon attacks are doubly destructive, since they involve a new wiper (Trojan.Filerase) that deletes files from infected computers before the Shamoon malware wipes the master boot record.

News of the attacks first emerged on December 10 when Italian oil services firm Saipem said that it had been hit by a cyber attack against its servers in the Middle East. Two days later, the company said that Shamoon had been used in the attack, which affected between 300 and 400 servers and up to 100 personal computers.

Symantec has found evidence of attacks against two other organizations during the same week, in Saudi Arabia and the United Arab Emirates. Both organizations are involved in the oil and gas industry.

Read more at Symantec

Homeland Security Today

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

See Full Bio