‘Mahdi’ virus stole data on security infrastructure (JERUSALEM POST) By YAAKOV LAPPIN 07/19/12)
JERUSALEM POST Articles-Index-Top
A new computer virus with Persian words in its programming code
infected sensitive computers across the Middle East, including
Israel, and gathered information on critical national security
infrastructure, an Israeli security expert who helped uncover the
virus told The Jerusalem Post Wednesday.
The Trojan horse has been dubbed “Mahdi” after the Shi’ite Iranian
messiah-like figure, since the programmers appear to have used a key
folder with that name and also included a text file named mahdi.txt
in the malicious software.
Aviv Raff, deputy chief technology officer at the Petah Tikva-based
Seculert company, which discovered the new virus, said that like the
earlier Flame virus discovered in Iranian computers, the new Trojan
horse could turn on microphones in computers, record in-room
conversations, take screenshots and steal file content.
He named the five states with the highest number of infected
computers – Afghanistan, Iran, Israel, Saudi Arabia and the UAE –
with first Iran, then Israel the most affected.
“The aim was to create a document containing information [and send it
out to a remote user], which was to be used for [an unknown] future
mission,” Raff told the Post on Wednesday.
In Israel, as in other countries, computers found to be infected by
Mahdi belonged to people working on national infrastructure projects
as well as engineering students.
Raff said that while the program code was effective, it was not so
complex and was created quickly. “Whoever did this needed to have
some kind of financial backup.
It’s a big threat to any state’s security,” he added.
Seculert asked the large Russian Kapersky Lap computer security
company to investigate the virus. In a joint press release on
Tuesday, Seculert and Kapersky said the Trojan Horse has been
operating for the past several months, and had also gathered
information on financial bodies and academic institutions.
Reuters contributed to this report. (© 1995-2011, The Jerusalem Post
Return to Top
MATERIAL REPRODUCED FOR EDUCATIONAL PURPOSES ONLY