Security experts recently confirmed that a new type of virus, Shamoon, will scan Windows PCs. Like the Flame virus, Shamoon can directly send data from infected users' computers to the network, after the data is transmitted, the computer's data is maliciously deleted permanently, even including the Master Boot Record, which directly causes system paralysis and cannot be started on. The virus is injected with the names W32.Disttrack and W32.EraseMBR. The file size of the virus is only 900 kb, but the internal resources are completely encrypted. For example:
Currently, the Shamoon virus has not been widely spread around the world. However, according to the Seculert report, at least two levels of attacks have been used, in addition, the main targets of attacks are limited to the main departments of some large companies.
When researchers at Kaspersky studio talked about the connection between the two viruses, they simply guessed: "Shammoon should be just a simple imitation work, the author of the virus may have been influenced by some of the stories of yingxiong." "Shammon has attacked the Energy Department of at least one company," Symantec wrote in a blog post, but no more information was mentioned. Ars Technica pointed out that Saudi Arabia's International Oil Company Saudi Aramco was recently attacked by the virus, but it is unclear whether there is any connection between the incidents.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
