According to a recent revelation by Israeli security company Seculert, a nasty new Trojan horse – which most antivirus companies have dubbed as “Shamoon” – has been discovered in the Middle East; and has apparently been used in targeted attacks against specific individuals or companies, including at least one firm in the energy sector --- namely, Saudi Aramco, Saudi Arabia's state-owned oil-production company.
The possibility that the “Shamoon” malware has hit the Saudi Arabian oil-production firm is based on the Wednesday disclosure by the company that an unspecified malware intrusion had prompted it to shutter down its main computer systems.
As per the “Shamoon”-related details shared by Seculert, the newly-discovered malware appears to be quite adept at covering its tracks, as it virtually cripples the computers of the victims after pilfering data.
Seculert further added that the “Shamoon” virus seemingly depends on a one-two punch, in the sense that it first gains control of an Internet-connected computer, and then spreads to other PCs on the network of the targeted organization.
Asserting that “Shamoon” – which is "Simon" in Arabic – uses a second infected system for communicating with a hacker-controlled command-and-control server, and that the second stage of the malware attack involves the overwriting of files and the Master Boot Record (MBR) of the infected system, Seculert’s CTO and co-founder Aviv Raff said in a Friday interview: "They are looking for ways to cover their tracks.”