Results for Shamoon

Threat Research

Saudi Organizations Targeted by Resurfaced Shamoon Disk-Wiping Malware

FortiGuard is currently investigating a new wave of attacks targeting kingdom of Saudi Arabia organizations that use an updated version of the Shamoon malware (also known as DistTrack.) We described this malware in detail a few months ago in a previous article. The key features of that version remain the same, yet some voluntary changes are taking place: Images used. Shamoon still overwrites files with an image of the drowned Syrian toddler Alan Kurdi, but this time the picture size is different. In November 2016 it was using a picture...

By Artem SemenchenkoJanuary 30, 2017

Threat Research

Research: Furtive Malware Rises Again

Shamoon Timeline The Shamoon virus, also known as Disttrack, surfaced for the first time back in 2012 targeting Middle East Oil companies. It leveraged stolen credentials to gain access, and then exhibited worm-like behavior to spread throughout the entire targeted network. All Shamoon attacks were clearly very carefully planned beforehand, as the attackers had to gain access to legitimate credentials before launching the attack. While most modern malware are focused on monetizing through any way possible, from bitcoin mining to the current...