New Shamoon-style malware sets sights on European targets

New Shamoon-style malware sets sights on European targets

Shamoon-style wiper malware is back - and this time it is showing an interest in European targets, according to cyber security researchers.

Experts from Kaspersky Lab uncovered StoneDrill, a piece of malicious software that has been targeting users in the Middle East and is now turning its attention to Europe.

They are yet to discover how the malware is propagated, but explained that it injects itself into browser memory using “two sophisticated anti-emulation techniques” that ensure it bypasses security solutions installed on the victim’s machine.

Its next step is to begin deleting the files on the computer’s hard drive, while a further module has been found that creates a backdoor on the infected system.

Two StoneDrill wiper targets have been identified so far - one in the Middle East and one in Europe - raising concerns that it could strike closer to home more frequently.

Its predecessor, Shamoon, took down 35,000 computers in a Middle Eastern oil and gas company in 2012, and a further campaign - Shamoon 2.0 - appeared in 2016.

The researchers said that while StoneDrill and Shamoon do not have the exact same code base, they share features relating to their authors’ mindsets and coding styles.

They also advised businesses on how to avoid falling victim to StoneDrill. Firstly, it was recommended that firms conduct security assessments to close any security loopholes that may exist on their networks. Next, the researchers encouraged organisations to work together to share intelligence, which in turn can help with initiatives like employee cyber security training.

They also argued the case for “enhanced methods of protection” that operate both inside and outside of the perimeter, with enough resources behind them to block attacks before they reach firms’ most important data and systems.


Photo copyright xenovon, under licence from Thinkstockphotos.co.uk

Copyright Lyonsdown Limited 2021

Top Articles

WhatsApp's New Privacy Policy Deadline Has Arrived

At the start of 2021, WhatsApp announced its privacy policy updates, sparking outrage and backlash from its consumers as WhatsApp will share personal information with its parent company, Facebook.

Overcoming the security challenge in remote working environments

The pandemic has changed the way we work. Remote working is no longer a nice-to-have for organisations, but a necessity especially if they want to attract the best talent.

President Biden pens Executive Order to boost US cybersecurity

US President Joe Biden signed an Executive Order this week to boost the cyber security of federal government systems and data.

Related Articles