Database-Destroying Narilam Malware Almost Extinct, Experts Say

Researchers haven't been able to find any links to Stuxnet, Duqu, Flame or Gauss

By Eduard Kovacs on November 26th, 2012 13:30 GMT

Last week, Symantec experts revealed that a nasty piece of malware was found to target certain organizations in an attempt to destroy their databases. Kaspersky researcher have also analyzed the malicious element and they’ve discovered some interesting things about Narilam.

Apparently, there are no similarities between Narilam and other notorious pieces of malware that have targeted the Middle East over the past years.

Experts highlight that Duqu, Stuxnet, Flame and Gauss have been compiled with various versions of Microsoft Visual C, while for Narilam, its developers have utilized C++ Builder 6.

Although the threat has been around since 2009-2010, only 80 incidents that involve this piece of malware have been recorded.

Since there were only six instances of this malware reported during the past month, it’s believed that Narilam is almost extinct. However, Iranian organizations still appear to be concerned about the threat.

Earlier today, an Iranian company called TarrahSystem issued an alert, warning organizations that the malware targets some of their software.
Narilam compilation headers
   Narilam compilation headers
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments