Mahdi malware invades 800+ Middle East computers

Computers throughout the Middle East are being infected by malware that appears to be part of a surveillance campaign that records users’ activity both on and, surprisingly, off the computer, according to reports.

The malware, called “Mahdi” – also known as Madi, and named after the Islamic concept of “the prophesied redeemer of Islam who will rule for seven, nine or nineteen years (according to various interpretations) before the Day of Judgment… and will rid the world of wrongdoing, injustice and tyranny” – was discovered on machines throughout the region earlier this week, and is believed to be just part of an ongoing attack on computers throughout the Middle East and Asia. “We have analyzed several versions of the malware [and] are anticipating other versions to arrive, as the attack is still active,” explained Aviv Raff, the chief technology officer of cybersecurity firm Seculert, the company believed to have initially detected the malware.

According to analysis from Kaspersky Labs, Mahdi has been working undetected for a long time now. “For almost a year, an ongoing campaign to infiltrate computer systems throughout the Middle East has targeted individuals across Iran, Israel, Afghanistan and others scattered across the globe,” the analysis opens, going on to suggest that it has already captured “large amounts of data” from “Middle Eastern critical infrastructure engineering firms, government agencies, financial houses and academia.”

The malware is believed to infect computers via a PowerPoint file sent as an email attachment, although it also reportedly installs itself via images disguised as text files. In an email to Talking Points Memo, a Kaspersky analyst explained that the malware appeared to have been created with the purpose of “sustained data retrieval and large scale surveillance of a regional, select set of sectors, organizations, individuals and events in the Middle East,” specifically “business people working on critical infrastructure projects, government agencies in the Middle East, Israeli banks, engineering/high tech firms, and engineering students.” It’s believed that the software not only records keystrokes, but snoops in all manner of concerning ways. According to the Kaspersky report, Mahdi does the following:

  • Logs keystrokes
  • Captures screenshots of infected computers at specified intervals
  • Captures screenshots of infected computers when the user initiates a “communications event,” described by Kaspersky as “the victim is interacting with webmail, an IM client or social networking site,” with sites that initiate the screenshots including Gmail, Hotmail, Yahoo! Mail, ICQ, Skype, Google+, Facebook and others
  • Updates the backdoor
  • Records and uploads outside audio as .wav files
  • Retrieves “any combination of 27 different types of data files”
  • Retrieves disk structures of the infected computer
  • Delete and bind (“These are not fully implemented yet,” Kaspersky notes)

So far, Mahdi has been discovered on at least 800 machines. Both Kaspersky and Seculert expect that number to increase with more releases of the malware.
