A new targeted Trojan, Batchwiper, wipes data from drives

Moriah Sargent, Contributor

A targeted data wiping malware has been discovered by The Iran National CERT, or Maher. The malware, referred to as Batchwiper by Cupertino, Calif.-based security vendor Symantec Corp., wipes files on different drives

    Requires Free Membership to View

at predefined times.

Researchers say the design is primitive but the malware is efficient. Batchwiper can wipe disk partitions and user profile directories without being recognized by anti-virus software. It is not widely distributed.

Symantec has recovered samples of the Trojan matching the hashes in the Maher advisory. According to Symantec, the samples will wipe any drives starting with the drive letters D through I, along with files on a logged-in user's Desktop. Symantec researchers are continuing to analyze the binaries.

Targeted malware attacks have been on the rise in recent years. Batchwiper, however, shows no similarities to more sophisticated targeted attacks like Stuxnet, Flame or Gauss. Experts say companies need to make malware defense a top priority. Steps IT teams can take to protect their companies against malware include offline malware and threat detection, whitelisting, and browser security.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: