Energy industry under malware attack
‘Shamoon’ attacks are deleting computer contents and preventing reboots, according to a study by Symantec.
Research suggests the malware is a notable detection given the lengths it goes to ensure personal files are deleted.
Symantec says there remains uncertainty about exactly how the malware spreads, however, with ‘Shamoon’ potentially part of a targeted attack against energy sector companies.
"Ten years ago we used to see purely malicious threats like this," says Liam O’Murchu, Symantec researcher."It can be difficult getting anything working again.
“The likely scenario for the victim would be an experience in which the computer is booting up, but all the files get erased, and the computer collapses into a non-bootable state.
“In that event, it would probably require the help of IT professionals with experience in recovery services to get things going again, perhaps by replacing the master boot record, or connecting the hard drive to another computer to use it to access the damaged one.
"It may be targeted at particular companies.”
Symantec says ‘Shamoon’, named after strings found in the malware folders, doesn't appear to reach a wide audience and instead seems aimed at specific targets.