Monthly Threat Intelligence Briefing Operation Saudi

Written by RevBits Malware Analysis Team  Tagged as Threat Intelligence Briefing

Our continuing study of Shamoon, a malicious wiper software threatening the Saudi Arabian energy industry, gleans some intriguing results. Shamoon is becoming more sophisticated in trying to thwart forensic efforts to unmask and track it.

Although it is finally attempting to cloak its origin, it continues to use the same code as the original in several processes. This makes it easy to link current versions with what we already know about Shamoon.

Stay in touch