News Stay informed about the latest enterprise technology news and product updates.

A new targeted Trojan, Batchwiper, wipes data from drives

Symantec has confirmed the existence of the targeted Trojan it calls Batchwiper.

A targeted data wiping malware has been discovered by The Iran National CERT, or Maher. The malware, referred to as Batchwiper by Cupertino, Calif.-based security vendor Symantec Corp., wipes files on different drives at predefined times.

Researchers say the design is primitive but the malware is efficient. Batchwiper can wipe disk partitions and user profile directories without being recognized by anti-virus software. It is not widely distributed.

Symantec has recovered samples of the Trojan matching the hashes in the Maher advisory. According to Symantec, the samples will wipe any drives starting with the drive letters D through I, along with files on a logged-in user's Desktop. Symantec researchers are continuing to analyze the binaries.

Targeted malware attacks have been on the rise in recent years. Batchwiper, however, shows no similarities to more sophisticated targeted attacks like Stuxnet, Flame or Gauss. Experts say companies need to make malware defense a top priority. Steps IT teams can take to protect their companies against malware include offline malware and threat detection, whitelisting, and browser security.

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.