Move over, Flame: New Messiah-themed malware targets Iran, Israel

[nsane.forums]

New espionage malware has been found targeting systems in the Middle East.

Almost half of the systems infected by Madi were located in Iran.

Researchers have discovered another piece of espionage malware targeting sensitive organizations in the Middle East, this time siphoning e-mails, passwords, computer files, and nearby conversations from more than 800 PCs operated by critical infrastructure companies, financial institutions, and government agencies.

Researchers from Kaspersky Lab and Seculert have dubbed the malware Madi or Mahdi, which in Islam is roughly analogous with Messiah. The name is based on several strings and handles used by the attackers. While its discovery immediately evoked comparisons to the Flame malware used to disrupt Iran's nuclear program, separate analyses released on Tuesday by both companies cataloged significant differences between the two campaigns. Madi, for instance, wielded no zero-day vulnerabilities, contained amateur coding practices, and relied on the gullibility of its victims. Flame, by contrast, boasted world-class cryptographic breakthroughs and other hallmarks that could have come only from state-sponsored developers.

"While we couldn't find a direct connection between the campaigns, the targeted victims of Mahdi include critical infrastructure companies, financial services and government embassies, which are all located in Iran, Israel and several other Middle Eastern Countries," the analysis from Seculert stated. "It is still unclear whether this is a state-sponsored attack or not."

The campaign dates back at least to December and originates in e-mails that contain an array of news articles, videos, and religious themed images depicting the wilderness or tropical settings. To mask the maliciousness of some of the payloads, the attackers used a technique known as "Right to Left Override" to name some files. By manipulating the Unicode or UTF-8 text of the filenames, they were able to able to make executable code appear as simple image files with titles such as "picturcs.jpg," that were displayed with a common ".jpg" icon. Some of the attached material invites the reader to click on video files. Those who fell for the social-engineering ploy are then infected with malware.

Madi has the ability to log keystrokes, capture screenshots, and siphon any messages sent to or from a variety of widely used services including Gmail, Hotmail, Yahoo! Mail, Skype, or ICQ. It can also record audio that's in the vicinity of an infected machine and save it for upload. One version examined by Seculert communicated with a server located in Canada. The researchers said an earlier variant connected the same domain name, but the server was located in Tehran, Iran.

In all, they identified more than 800 victims who communicated with four different command and control servers over an eight-month period. Some of the communications between the malware and command-and-control servers use the Farsi language, and some of the dates contained in the malware are written in the format of the Persian calendar. Almost half of the infections—387 to be exact—hit Iran. Israel, Afghanistan, the United Arab Emirates, and Saudi Arabia were also targeted with 54, 14, six, and four infections respectively. Seculert researchers said they've been tracking Madi for "several months." The espionage campaign is ongoing.

In the wake of Flame, and the related malware known as Duqu and Stuxnet, the disclosure of yet another piece of malware targeting critical systems in Iran and other Middle Eastern countries is sure to spark widespread intrigue. The lack of any conclusive evidence showing who's behind it is sure to generate more curiosity in the coming weeks and months.

View: Original Article

[Ambrocious]

Excerpt From-

"The Rise of A.I. Self Replicating Super Bugs: The Beginning of Digitized DNA Super Viruses"

Classification: Pre Homosapien Sapien Digi-Splicing Biography

Auther C.J Moorse; Earth Date - 2042

History indicates that at one unidentified point, the start of the digital DNA coup d'état splicing which was secretly orchestrated by Monsanto and IBM through the ending of the agriculture practices at the end of 2015 originally began in 2004 as was secretly encouraged by many wealthy power brokers of the world. For many years people did not even realize that their own brains were being digitally re-written through multiple different waves of wireless information which was specifically designed to be able to interact with classes of our own brains natural electrical impulses.

Many people were unaware until the year 2024 that they had been ultimately responsible for the creation of such super viruses that began to plague the Internet in 2007. Human and digital DNA began to first successfully interact and cause significant digital replication and communication to take place against the electrical based information systems built into the internet. Unlike original and classical digital transmissions, Cyber DNA which was nothing more than reprogrammed wireless signals that our brains were naturally and purposefully receptive to, it was causing Human Beings to be able to, on rare occasions, transmit wireless signals back into any open wireless communication. In this early stage, the digital DNA was not yet biological, it was strictly data. Based on the actual moods of people, complex Viruses like "Flame" and "Mahdi" and "Tsar Megiddo" all took part in the first testing stages which were funded by IBM and Monsanto. Monsanto's knowledge on vegetation was paramount for IBM to be able to find ways of finalizing the digital DNA for being able to merge Human Beings into our current form Homosapien Omegian, which many scientist confirm that if a large portions of humanity would have not resisted the transition, there would have not been as significant of a death toll as there was which resulted from the transition into splicing humanity.

With the mainstream release of Biological technology in 2017 which allowed for full home upgrades into newer Operating System without the need to buy new and individual computer parts was evidence that technology was in a shift to integrate into all of the Homosapien Sapien's on planet Earth. Human beings began to rewrite cyberspace and a new life form was confirmed to be alive and seemingly procreating over the new biological magnetic based system that was implemented in early 2016 after the great energy crisis and pole shift in 2013. Since common electricity was reliant on one gravitational rotation of Earth, The balanced formula is given as C - 2 + 14^z = 710Y + 409

After the pole shift in 2013, this formula changed as history shows.

Oh the imagination of someone who is high as a kite......the things they will say....

"Imagination is more important than knowledge..." Albert Einstein

[Ambrocious]

What I wrote above was of course fictional. I was indeed high at the time of writing it. I do think I might be good at writing fiction though....

[digimon]

What I wrote above was of course fictional. I was indeed high at the time of writing it. I do think I might be good at writing fiction though....

would make a good story

anyway the concept that virius may be written for computers that can evolve on there on that concept may be possble someday