A new targeted Trojan, Batchwiper, wipes data from drives

Symantec has confirmed the existence of the targeted Trojan it calls Batchwiper.

A targeted data wiping malware has been discovered by The Iran National CERT, or Maher. The malware, referred to as Batchwiper by Cupertino, Calif.-based security vendor Symantec Corp., wipes files on different drives at predefined times.

Researchers say the design is primitive but the malware is efficient. Batchwiper can wipe disk partitions and user profile directories without being recognized by anti-virus software. It is not widely distributed.

Symantec has recovered samples of the Trojan matching the hashes in the Maher advisory. According to Symantec, the samples will wipe any drives starting with the drive letters D through I, along with files on a logged-in user's Desktop. Symantec researchers are continuing to analyze the binaries.

Targeted malware attacks have been on the rise in recent years. Batchwiper, however, shows no similarities to more sophisticated targeted attacks like Stuxnet, Flame or Gauss. Experts say companies need to make malware defense a top priority. Steps IT teams can take to protect their companies against malware include offline malware and threat detection, whitelisting, and browser security.

Dig deeper on Malware, Viruses, Trojans and Spyware

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close