A few days ago, Iran’s CERT issued an alert to warn organizations about a new data-wiping malware. Unnamed CIA sources say that this is actually part of a joint US-Israel cyberattack.
Former senior CIA officials close to the investigation have told ISSSource that the US and Israel are behind the attack, but it remains uncertain what the targets are.
After analyzing the malware, which they’ve dubbed Batchwiper or GrooveMonitor, security experts have found that it’s not sophisticated at all. However, they’ve warned that this doesn’t stop it from being effective.
The malicious element – which deletes all the files from the Deskop and the partitions labeled D through I – is interesting because it only performs its activities on certain dates.
This isn’t the only time when the finger is pointed at the US and Israel after a cyberattack on Iranian organizations. The countries have also been named responsible for creating and planting the notorious Stuxnet inside Iranian nuclear facilities.