New Shamoon-style malware sets sights on European targets

Shamoon-style wiper malware is back – and this time it is showing an interest in European targets, according to cyber security researchers.

Experts from Kaspersky Lab uncovered StoneDrill, a piece of malicious software that has been targeting users in the Middle East and is now turning its attention to Europe.

They are yet to discover how the malware is propagated, but explained that it injects itself into browser memory using “two sophisticated anti-emulation techniques” that ensure it bypasses security solutions installed on the victim’s machine.

Its next step is to begin deleting the files on the computer’s hard drive, while a further module has been found that creates a backdoor on the infected system.

Two StoneDrill wiper targets have been identified so far – one in the Middle East and one in Europe – raising concerns that it could strike closer to home more frequently.

Its predecessor, Shamoon, took down 35,000 computers in a Middle Eastern oil and gas company in 2012, and a further campaign – Shamoon 2.0 – appeared in 2016.

The researchers said that while StoneDrill and Shamoon do not have the exact same code base, they share features relating to their authors’ mindsets and coding styles.

They also advised businesses on how to avoid falling victim to StoneDrill. Firstly, it was recommended that firms conduct security assessments to close any security loopholes that may exist on their networks. Next, the researchers encouraged organisations to work together to share intelligence, which in turn can help with initiatives like employee cyber security training.

They also argued the case for “enhanced methods of protection” that operate both inside and outside of the perimeter, with enough resources behind them to block attacks before they reach firms’ most important data and systems.

Copyright Lyonsdown Limited 2021
