Skip to main content

Sony Pictures Malware Tied to Seoul, “Shamoon” Cyber-attacks - Ars Technica

December 5, 2014

Sony Pictures Malware Tied to Seoul, “Shamoon” Cyber-attacks - Ars Technica

Ars Technica, By Sean Gallagher

The “wiper” malware that knocked Sony Pictures’ corporate network offline for over a week, now being called Destover, bears a striking resemblance not only to the “DarkSeoul” malware that struck South Korean companies last year, but the Shamoon “wiper” that struck Saudi Aramco in 2012, according to analysis by Kaspersky Labs and other security researchers. While there is nothing in the analysis that would tie the three attacks to the same malware developers, they all used similar techniques, as well as some of the same commercial Windows drivers to attack the hard drives of their victims.

In an e-mail exchange with Ars, Kaspersky Lab security researcher Kurt Baumgartner said, “Of the three, the Shamoon and Destover implementations share the most similarities, and based on these similarities it is possible that there was shared guidance or expertise between the two projects. All three share operational similarities.” Read more.

Sony Pictures Malware Tied to Seoul, “Shamoon” Cyber-attacks - Ars Technica

Sony Pictures Malware Tied to Seoul, “Shamoon” Cyber-attacks - Ars Technica
Kaspersky logo

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Related Articles Press Releases