
Dustman

Posted: January 9, 2020

The final days of 2019 were marked by the discovery of a new piece of data-wiping malware named Dustman. More notably, this threat appears to originate from Iran, a country whose cybercriminals are linked to several other data-wiping malware strains such as Shamoon and ZeroCleare. Dustman was used in only one attack campaign, which targeted Bapco, a large oil company with headquarters in Bahrain.

Although Dustman comes from Iran, there is no reason to believe that the cyberattack is linked to the tense relationship between Iran and the United States. Even so, Dustman is another reason for international companies to consider strengthening their defenses, given the high-quality malware that hackers around the world possess.

The attack involving Dustman was first reported by the Saudi Arabian cybersecurity agency, and the malware strain was quickly analyzed by security vendors around the world. The sole purpose of this threat is to cause potentially irreversible damage to the infected network by wiping out the contents of its hard drives. Vendors report that there are significant similarities between the code of earlier Shamoon versions and Dustman, but there are also some key differences in the wiping techniques they use.

Although Bapco is the only known victim of the Dustman malware, it is entirely possible that the Iranian hackers have already employed it in attacks against other networks. It remains to be seen whether this will turn out to be true.
