Shamoon virus

Shamoon is a dangerous malware program used in cyber warfare, and was first seen in attacks on the Saudi energy sector in 2012. Shamoon is a weaponized malware that uses a combination of components to infect computers, including the dropper, wiper, and reporter. The dropper creates a persistent service on the infected computer and copies itself to other network-attached computers, spreading its malicious code. The wiper drops a third component, which overwrites the hard disk’s master boot record with an embedded image in the malware, making the system unusable. The reporter establishes communication with a command and control server.

To protect your network against Shamoon, it's important to constantly monitor your network for intrusions. With a SIEM solution, you can detect malicious intrusions in real time. Mapping your security solution with the MITRE ATT&CK matrix can help you detect malware activity, communicate with a command-and-control server, and spot data exfiltration attempts. It's also important to utilize up-to-date antivirus software, regularly patch your systems, and educate your employees on identifying phishing emails and suspicious activity. Watch the video to learn more—three minutes is all it takes!

     

Get the latest content delivered
right to your inbox!

Thank you for subscribing.

You will receive regular updates on the latest news on cybersecurity.

  • Please enter a business email id
  •  
  •  
    By clicking on Keep me Updated you agree to processing of personal data according to the Privacy Policy.

Expert Talks

     
     

© 2021 Zoho Corporation Pvt. Ltd. All rights reserved.