Mahdi, which is named after files used in the malware, refers to the
Muslim messiah who, it’s prophesied, will arrive before the end of time
to cleanse the world of wrongdoing and bestow peace and justice before
Judgment Day. But this recently discovered Mahdi is only interested in
one kind of cleansing – vacuuming up PDFs, Excel files and Word
documents from victim machines.
The malware, which is not sophisticated, according to Costin Raiu,
senior security researcher at Kaspersky Lab, can be updated remotely
from command-and-control servers to add various modules designed to
steal documents, monitor keystrokes, take screenshots of e-mail
communications and record audio.