Kaspersky researchers have discovered sophisticated malware which can wipe everything on a targeted computer and has been used in European and Middle Easter target.
The malware dubbed StoneDrill appears to be an evolution of the Shamoon malware, which was used to take down 35,000 computers used by an oil and gas company operating in the Middle East in 2012.
As ‘wiper malware’ StoneDrill is particularly dangerous as not only can it destroy everything on computer systems, but it also contains sophisticated espionage tools and employs anti-detection techniques.
It effectively destroys computers by overwriting the physical and logical disk drives in a machine with random numbers which makes their original information impossible to recover and renders the targeted machine useless.
StoneDrill also contains a backdoor module which leaves a targeted machine open to malicious actors that have the scope to use one of four command and control servers the module links to, which would suggest that the malware can be used for espionage and data stealing activities as well as devastating wipe attacks.
By operating in the browser and at a file level, StoneDrill does not need to use disk drivers to install itself on a target machine, which also makes it difficult to detect.
Further adding to StoneDrill’s malware payload is a ransomware module designed to encrypt files on a targeted machine.
While StoneDrill contains Persian language resource sections and has been aimed at Middle Eastern targets, Kaspersky’s researchers suggest attacks could spread further afield after an attack was detected in Europe.
“The discovery of the StoneDrill wiper in Europe is a significant sign that the group is expanding its destructive attacks outside the Middle East. The target for the attack appears to be a large corporation with a wide area of activity in the petro-chemical sector, with no apparent connection or interest in Saudi Arabia,” said Kaspersky’s researchers.
The current impact of StoneDrill is unknown, but the potential of wiper malware to wreak havoc has been seen before, and unless organisations and security firms an take action to block StoneDrill, there is scope for it to have a significant impact.
Are you a security guru? Try our quiz!
Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…
Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…
Elon Musk continues to provoke the ire of various leaders around the world with his…
Volkswagen and Rivian officially launch their joint venture, as German car giant ups investment to…
Merry Christmas staff. AMD hands marching orders to 1,000 employees in the led up to…
Recall number six in 2024 for Tesla Cybertruck, and this time the fault cannot be…