Looks like USA, Europe and UK aren’t the only ones to cry about malware attacks and increased Internet security conspiracies. The latest to join them is the Middle East; the rich Gulf peninsula now trying to ward off Internet malware and going to its own virtual war. Two breaches in two weeks, Internet prowlers are working hard and fast to attack the poor Middle East as another energy company reported malware breaching. Qatari Liquefied Natural gas producer stated that the corporate network was down as the company was hit by a major virus attack yesterday. With this being said, it is not just businesses in the middle east that have to be wary of malware attacks. The same applies to no matter where you are in the world. Earlier this week another security breach was confirmed by Saudi Aramco Oil which then caused immense malfunction as more than 30,000 workstations were shut down. These problems haven’t only caused disruptions in operations but major losses as well. The newest malware to be used in these attacks has been identified as the “Shamoon”. These attacks have been attacking corporations one by one, trying to steal their information, their personal operational strategies and in most cases trying to sabotage their nuclear power stations. Even though some may suggest that it is an attack planned by the US, nothing can actually happen. So what are these new malwares and what do they do? Here we discuss the most dangerous recent Middle East targeted malwares:
Revealed in June 2010, Stuxnet is supposed to be the leading malware directed precisely at acute infrastructure systems. It’s assumed to have been intended to close down extractors at Iran’s Natanz uranium enhancement plant, where slowdowns and other glitches supposedly happened around that time.
According to a New York Times report, Stuxnet was an ideal part of a U.S.-Israeli action nicknamed as the “Operation Olympic Games,” that was instigated while President George W. Bush was in office as an effort to disrupt Iran’s nuclear program. The erudite worm extends via USB drives and over four formerly unidentified holes, identified as zero-day susceptibilities, in Windows.
It used two pilfered digital credentials and was targeted at Siemens guiding control and data acquisition (SCADA) systems that were constructed to regulate industrial processes, and septic programmable logic controllers.
The Duqu worm appeared in September 2011 and according to researchers it has a lot in common with Stuxnet but is intended for a diverse purpose: pilfering data for observation or other intelligence applications. It hit PCs in Iran but did not seem to be concentrating at manufacturing or acute foundations precisely.
Duqu feats zero-day Windows kernel susceptibilities, utilize filched digital credentials, fix an exit, and seize keystrokes and material that could be utilized to bout manufacturing regulator systems. “We believe it could be a cyber espionage operation to gauge the status of Iran’s nuclear program,” Roel Schouwenberg, a senior researcher at Kaspersky Lab stated.
Kaspersky went open with specifics on a new spying or surveillance toolkit called “Gauss“. The malware was instituted on PCs commonly in Lebanon, Israel, and Palestine, trailed by the U.S. and the United Arab Emirates. Gauss is talented in pilfering browser passwords, online banking accounts, cookies, and system configurations.
Revealed earlier this month, the Shamoon attacks machines with Windows OS and is intended for spying. The virus is thought to be pursuing oil companies and a rational blunder in the cipher of Shamoon points to the efforts of amateurs rather than a nation-state operation.
There is rumor that Shamoon hit Saudi Aramco as well as Qatari installation. It was also allegedly designed to overwrite files with a burning U.S. flag image, as well as to steal data.