- V3 Apps
Iran has detected new malware targeting the county's systems that's intended to destroy business-critical data.
The Iranian Cyber Emergency Response Team (CERT) reported finding the tool on Sunday, but said that while serious, the malware is nowhere near as sophisticated as previous attacks that have targeted the country.
"Latest investigation have been done by Maher center in cyber space identified a new targeted data wiping malware. [Initial] analysis revealed that this malware wipes files on different drives in various predefined times," wrote the CERT team.
"Despite its simplicity in design, the malware is efficient and can wipe disk partitions and user profile directories without being recognised by antivirus software. However, it is not considered to be widely distributed. This targeted attack is simple in design and it is not any similarity to the other sophisticated targeted attacks."
The CERT's findings were mirrored by F-Secure security chief Mikko Hypponen.
"Batchwiper is very unsophisticated. In fact, it's basically a compiled DOS batch file," Hypponen told V3.
"However, even if the tool is simple, the attack can still be significant depending on the target."
The attack is one of many to be detected target Iranian networks over the last year. Most famously the hyper sophisticated Flame malware was uncovered targeting Iran in May.
Flame's caused widespread consternation across the security community, with numerous vendors including Microsoft and F-Secure describing the malware as a game changer.
Similar malware related to Flame has since been discovered operating in Iran. These include Gauss and Flame Mini. It is currently believed that at least one other undetected Flame-related malware is still operating.
The malware's final goal is currently unknown, though some vendors have speculated that the tools may be precursors to a further Stuxnet-type attacks.
Stuxnet was designed to cripple Iran's nuclear programme by sending its uranium-enriching centrifuges haywire.