Mahdi Malware Creators Add New Features
Mahdi Malware Creators Add New Features
By: Elinor Mills, CNET
Researchers said today that they have noticed some new features and changes to the data-stealing malware Mahdi and have uncovered a reference to "Flame," which could potentially indicate some connection to the malware of the same name that also has numerous infections in Iran.
"Last night, we received a new version of the #Madi malware. Following the shutdown of the Madi command and control domains last week, we thought the operation is now dead. Looks like we were wrong, Nicolas Brulez of Kaspersky Labs wrote in a post on its SecureList blog.
The new version, compiled just today, contains "many interesting improvements and new features. It now has the ability to monitor VKontakte, together with Jabber conversations. It is also looking for people who visit pages containing 'USA' and 'gov' in their titles. In such cases, the malware makes screenshots and uploads them to the C2," or command-and-control server, he said. The new "USA" checks could indicate a shift in focus from targets in Israel to targets in the U.S., he speculated.
Mahdi Malware Creators Add New Features
Kaspersky
Related Articles Business News
Kaspersky Lab Joins Forces with Merchant Risk Council to Help Combat eCommerce Fraud
As part of its mission to tackle online fraud, Kaspersky Lab has become the latest company to join forces with the Merchant Risk Council as Premier Solution Provider.Read More >Kaspersky Lab North America Recognized on CRN’s 2018 Security 100 List
Kaspersky Lab North America announced today that CRN®, a brand of The Channel Company, has named Kaspersky Lab to its third annual Security 100 list for endpoint security.Read More >Kaspersky Lab North America Releases its Inaugural Corporate Social Responsibility Report
Woburn, MA – December 19, 2017 – Kaspersky Lab North America today released its inaugural Corporate Social Responsibility Report, profiling the company’s continued commitment to volunteerism and philanthropy in the region over the past 12 months.Read More >