Shamoon data-wiping malware believed to be the work of Iranian hackers


A spate of recent attacks involving the Shamoon data-wiper malware family has been attributed to the Iranian hacking group APT33.

On Wednesday, the McAfee Advanced Threat Research team said APT33 — or a group masquerading as APT33 — is likely responsible for a recent campaign which targeted industrial players in the Middle East and Europe.

It was earlier this month that ZDNet learned of the Shamoon malware’s presence on Italian oil and gas contractor Saipem’s networks. The company operates across the Middle East, India, Italy, and Scotland.

McAfee said in a blog post that recent Shamoon-based campaigns have been detected not only targeting companies directly but has also been used in supply chain attacks.

Shamoon is an extremely destructive malware designed to wipe infected systems by overwriting information with garbage data.

Read more…