
    'Mahdi' malware still spreading in Iran even after discovery


    Mahdi source Securelist Kaspersky Labs

    Despite the recent uncovering of the 'Mahdi' malware that has infected several hundred computers in the Middle East, researchers say the virus is continuing to spread. The majority of cases are in Iran, and Seculert CTO Aviv Raff suspects that the perpetrators are either in the employ of another government or carrying out the attacks for ideological reasons. Mahdi lets intruders monitor inbound and outbound communication from infected PCs as well as steal files.

    Speaking to Reuters, Roel Schouwenberg of Kaspersky Lab said that the "less professional" creators of Mahdi don't seem to care about getting discovered, and the malware can continue to be effective; apparently the code has been modified in recent weeks to evade anti-virus software. Seculert, which is working with Kaspersky Lab on the Mahdi situation, says that the total number of infections has risen to nearly 1,000. While most of the new infections have been found in Iran, there have also been cases in Germany and the United States.