Experts uncover new ‘Mahdi’ malware targeting Iran
Tehran: Security experts have identified a cyber espionage attack that apparently targeted computers in Iran, according to a report.
According to researchers, the new malware, dubbed as ‘Mahdi’ differs from previously discovered malware believed to be part of a covert US and Israeli effort to monitor and delay Tehran’s nuclear development program.
Researchers at an Israeli security company, Seculert, and Kaspersky Lab of Russia, said the latest spyware has affected about 800 companies and individuals in five countries, including Israel and Afghanistan.
According to The Los Angeles Times, they refused to identify the targets, but said they included crucial infrastructure companies, engineering students, financial services firms and embassies.
Experts said Mahdi was far less sophisticated than Flame, a recently discovered piece of malware that reportedly was used to spy on Iranian computers and steal their data.
It is also different from Stuxnet, a complex cyber attack, that the New York Times reported was part of a covert US attempt to sabotage Iran’s nuclear program by destroying centrifuges used to enrich uranium, they added.
The researchers said the malware was hidden in a variety of web documents, including a news story on Israeli efforts to spy on Iran.
According to researchers, if users opened the documents, the software secretly tracked their every keystroke.