Mahdi Trojan threatens Middle East computer infrastructures


Seculert and Kaspersky have uncovered a cyber espionage campaign targeting Middle Eastern countries, especially Iran.


Dubbed the Mahdi Trojan, the threat allows remote attackers to steal information, monitor emails, hijack instant messaging clients, record audio, log keystrokes, and take screenshots of infected computers.

Security experts are suggesting that the attacker(s) are fluent in Persian because the communications tools used in the campaign are written in Persian. 

“It's for sure somebody who is fluent in Persian, but we don't know the origin of those guys,” Seculert Chief Technology Officer Aviv Raff told the press.

So far the threat has infected the infrastructure and computers of companies, engineering students, financial services firms, and government embassies in the Middle East; the majority of the infections are in Iran.

The goal of the campaign is still under investigation, but experts have reported that gigabytes of data have been uploaded.  Furthermore, the ongoing Mahdi threat suggests that the campaign is a part of something bigger.

“Somebody is trying to build a dossier of a larger scale on something.  We don’t know what they are going to do at the end,” said Aviv. 

Source: Reuters
