Four years ago, a destructive computer virus that functioned under the name of ‘Shamoon’ struck thousands of computers at Middle Eastern energy companies. The virus single-handedly managed to cripple down thousands of computer systems based in Saudi Arabia. Now reports suggest that the destructive computer virus has returned again.
According to US security firms, a version of Shamoon was used again to attack computers in Saudi Arabia two weeks ago. As per the report published by news agency Reuters, security firms CrowdStrike, Palo Alto Networks Inc and Symantec Corp. flagged the organisations regarding the new attacks on Wednesday. No details regarding the victims were unveiled by them, however, they did state that the new version of Shamoon is strategically used to cripple computer systems and wipe the “master boot” records of the systems away. The extent of the damage is yet to be known.
“Why Shamoon has suddenly returned again after four years in unknown. However, with its highly destructive payload, it is clear that the attackers want their targets to sit up and take notice,” the Symantec Security Response team said on their blog.
The Shamoon attack is among the large-scale, high-profile attacks ever carried out. A similar attack took place back in 2014, wherein Sheldon Adelson’s Las Vegas Sands Corp. and Sony Corp’s Hollywood studio was victim to this disk-wiping malware. This kind of attack requires to be significantly scrutinised as resorting infected systems back to the normal functioning mode gets expensive and time-consuming.
The malware attack was carried out at an 8:45pm local time on Thursday, November 17. “The malware had potentially the entire weekend to spread,” said researcher Robert Falcone in his blog post.