Skip to main content

Mahdi Malware Creators Add New Features

July 25, 2012

Mahdi Malware Creators Add New Features

By: Elinor Mills, CNET

Researchers said today that they have noticed some new features and changes to the data-stealing malware Mahdi and have uncovered a reference to "Flame," which could potentially indicate some connection to the malware of the same name that also has numerous infections in Iran.

"Last night, we received a new version of the #Madi malware. Following the shutdown of the Madi command and control domains last week, we thought the operation is now dead. Looks like we were wrong, Nicolas Brulez of Kaspersky Labs wrote in a post on its SecureList blog.

The new version, compiled just today, contains "many interesting improvements and new features. It now has the ability to monitor VKontakte, together with Jabber conversations. It is also looking for people who visit pages containing 'USA' and 'gov' in their titles. In such cases, the malware makes screenshots and uploads them to the C2," or command-and-control server, he said. The new "USA" checks could indicate a shift in focus from targets in Israel to targets in the U.S., he speculated.

Read more...

Mahdi Malware Creators Add New Features

Mahdi Malware Creators Add New Features
Kaspersky logo

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Related Articles Press Releases