Mahdi Virus Attacked Middle East

Bookmark and Share

Shortly after the virus Flame caught stealing data from computers owned by the Iranian government, a virus other eyes again found. Virus from type of Trojan these given the name "Mahdi", taken from name of the file is being copied to by the virus such to a computer who infected via e-mail.

Since the last 8 months, has about 800 computers have been infected, most of which came from Iran (387 computers) and Israel (54) computers, according to data obtained from the tech site Cnet.

The victims included the company's computer infrastructure, embassy, as well as company-owned financial services.
Mahdi virus spreads through the attachment of Word and PowerPoint files from e-mail. When opened, the attachment to download a virus into the user's computer.

Other data from Symantec suggests that this virus has spread out of the Middle East region and invade countries in Europe, Latin America and North America.

Just like Flame, Mahdi virus is able to record keyboard keystrokes, take a screenshot of the screen, record audio, and stole the pictures and text files. The virus then sends the data to the server command-and-control. Most of the string used in this communication is written in Farsi language and the Persian calendar format.

It is unknown whether this virus is accidentally released a cyber weapon of a state or not. Symantec warns that the perpetrators behind it was a hacker who has a specific agenda to attack computers in countries such as Iran, Israel, and Saudi Arabia.

Previously, the Middle East made ​​a scene by the discovery of a spy Flame virus circulating undetected for years before being caught stealing data.

Later reported that the creation and spread of the virus, along with Stuxnet virus that had crippled Iran's nuclear enrichment program, orchestrated by the United States and Israel.

{ 0 comments... Views All / Send Comment! }

Post a Comment