Get Started for FREE
Sign up with Facebook Sign up with X
I don't have a Facebook or a X account
 Your new post is loading...
Your new post is loading...
Scoop.it!
While it still unknown whether the recent attacks against Saudi Aramco and RasGas were part of the so-called Shamoon attacks, the latter are continuing unabated, says Symantec.
Read more: http://www.net-security.org/malware_news.php?id=2259
No comment yet.
Sign up to comment
Scoop.it!
What do Stuxnet, Duqu, Gauss, Mahdi, Flame, Wiper, and Shamoon have in common? Read this blog post by Elinor Mills on Security & Privacy.
Read more:
|
Scoop.it!
Practical Perspectives for the Midsize Business. Brought to you by IBM.
Researchers have detected a new malware threat that could have a devastating effect on midsize businesses: DistTrack, also known as Shamoon, removes the data stored on an infected machine and modifies the hard disk drive's master boot record (MBR), a boot sector that contains the bootstrap code and information about the HDD's partition table.
According to Symantec, DistTrack contains three major components: the Dropper, the Wiper, and the Reporter. The Dropper copies itself to the target workstation, creating a duplicate of itself in the %system root%\system32 folder under the name "tsksvr.exe." The malware then creates a process to execute itself and creates a service--borrowing the name "Distributed Link Tracking Server"--that executes the process when Windows loads.
The Wiper overwrites personal files contained in the Download, Documents, Pictures, Videos, and Music folders and corrupts the MBR so that the computer is rendered unbootable. The last component, the Reporter, sends data about the compromised machine to the hacker; the data includes information such as the Internet protocol (IP) address of the system and the name of the domain on which it resides.
Read more: http://midsizeinsider.com/en-us/article/new-malware-threat-deletes-files-and-int
|
