At least six different Saudi Government agencies, including the General Authority of Civil Aviation, has had thousands of their systems crippled in an attack by hackers using the Shamoon virus. With Iran as the most like source of the attack, Shamoon wipes the hard drives of machines it infects.

This latest attack is similar to one from 2012 where the same virus wiped 36,000 computers at Saudi Aramco, the state oil company. In that attack, the hackers were able to install Shamoon using passwords they obtained using spear phishing techniques.

Whoever is behind this latest version of the malware seems to have done similar leg work as it too was set up using passwords from the organizations it targeted. Additionally, the attack was set to begin wiping hard drives after the close of the Saudi business week in order inflict as much damage as possible.

Comments are closed.