Wiper Malware That Hit Iran Left Possible Clues of Its Origins

29 Aug 2012

By: Kim Zetter, WIRED

How does a security company study a strain of malware that systematically wipes a hard drive clean, including any traces of its own code? And is there any evidence that Wiper, one particular flavor of malware that hit computers in Iran’s oil industry in the spring, is connected to nation-state tools such as Stuxnet?

In an attempt to answer these questions and others about several pieces of malware that have cropped up recently, Kaspersky Lab has released new details about its investigation of Wiper.

According to Kaspersky, Wiper shares a couple of characteristics with the DuQu and Stuxnet attacks that suggest it might have been developed by Israel and the U.S. – the nations believed to be behind DuQu and Stuxnet. But the researchers say in a blog post published Wednesday that the similarities are circumstantial and not enough to draw firm conclusions just yet.