All the latest UK technology news, reviews and analysis


Madi Trojan may be targeting UK firms

26 Jul 2012
malware virus security

The recently unearthed Madi cyber campaign may be infecting governments and firms outside the Middle East including the UK, as those behind the attack add more pernicious capabilities, such as instant messaging monitoring.

Securlert, one of the two firms that helped discover Madi, has warned that infections are spreading far wider than initially estimated.

"Looking deeper into the Mahdi victims' IP addresses, we did find a few dozen IP addresses which seem to be from non-Middle Eastern countries, such as the US and UK," it warned on a company blog.

UK firms with significant business interests in the Middle East appeared at greater risks, it added. 

The Madi malware was originally believed to be mainly targeting groups and governments in the Middle East when it was first uncovered earlier in July. Symantec went so far as to warn that 72 per cent of Madi's victims are from Israel.

The news follows a warning from Kaspersky Lab that a new more dangerous form of Madi has emerged, with improved espionage powers that let's its authors monitor conversations, such as those on instant messaging system Jabber, or European social network, VKontakte.

Meanwhile, Securlert also reported discovering a possible link to the infamous Flame malware, reportedly finding an identifier prefix labelled "Flame" being used by Madi's command and control (C&C) server to communicate with infected machines.

"The first targeted victim with the "Flame" prefix began communicating with the C&C server in early June, right after the Kaspersky Lab discovery of Flame went public. Coincidence? Maybe," it added.

Madi was originally discovered on 17 July by Seculert and Kaspersky Lab. Madi is believed to have already stolen gigabytes of data from its victims' computers. The origin of the Trojan is currently unknown though vendors have hinted it may be the latest government funded cyber attack uncovered this year.

The UK government recently published a report claiming the country must instigate its own cyber weapons development programme if it wants to remain a world power.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus
Poll

Windows 7 end of mainstream support

What are your plans for when Microsoft ends mainstream support for Windows 7 in January 2015?
7%
8%
1%
71%
13%

Popular Threads

Powered by Disqus
LG G3 in gold black and white

LG G3 vs Galaxy S5 video

We pit the two Korean firms' flagship smartphones against each other

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Lead Business Analyst ECM Documentum Sharepoint

Senior Business Analyst ECM Documentum Sharepoint...

Agile Business Analyst Financial Services

Agile Business Analyst Financial Services An exciting...

System Support Officer

South Somerset District Council The Council Offices...

Mobile Application Developer

Faculty of Medicine and Health School of Medicine...
To send to more than one email address, simply separate each address with a comma.