New Espionage-Level Malware Makes Its Presence Known

(ATTA KENARE/AFP/Getty Images)

(ATTA KENARE/AFP/Getty Images)

The Iranian Computer Emergency Response Team, or CERT, has released information on the latest piece of what seems to be Espionage-Level Malware in the country. Capable of wiping available partitions on a hard drive in addition to desktop items of the current logged in user, ‘Batchwiper’ isn’t exactly a complicated Malware by any means. However, developers input routines for its data wipes on the twelve of every month, according to reports.

What to keep in mind– Batchwiper is disguising itself under GrooveMonitor.exe and extracts the following files:

%SYSTEMROOT%\system32\SLEEP.EXE, jucheck.exe & juboot.exe.

 

* For those not entirely computer savvy, jucheck.exe & GrooveMonitor.exe are the names of legitimate files; However, the directory in which they are located on your system will tell you whether the file is malicious or not).

 

Batchwiper is believed to be a targeted attack, so chances are you may not come across this bug. However, should you, you’re going to lose a lot of information. Better to be safe than sorry, so remember to always back up.

News of this threat follows the recent accusations that Iran has been sending towards both Israel and the United States regarding the Flame and Stuxnet attacks. Fear of an Islamic Nuclear weapons program  is cited as the motivation for these attacks.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s