Mahdi malware invades 800+ Middle East computers

mahdi malware invades 800 middle east computersComputers throughout the Middle East are being infected by malware that appears to be part of a surveillance campaign that records users’ activity both on and, surprisingly, off the computer, according to reports.

The malware, called “Mahdi” – also known as Madi, and named after the Islamic concept of “the prophesied redeemer of Islam who will rule for seven, nine or nineteen years (according to various interpretations) before the Day of Judgment… and will rid the world of wrongdoing, injustice and tyranny” – was discovered on machines throughout the region earlier this week, and is believed to be just part of an ongoing attack on computers throughout the Middle East and Asia. “We have analyzed several versions of the malware [and] are anticipating other versions to arrive, as the attack is still active,” explained Aviv Raff, the chief technology office of cybersecurity firm Seculert, the company believed to have initially detected the malware.

According to analysis from Kapersky Labs, Mahdi has been working undetected for a long time now. “For almost a year, an ongoing campaign to infiltrate computer systems throughout the Middle East has targeted individuals across Iran, Israel, Afghanistan and others scattered across the globe,” the analysis opens, going on to suggest that it has already captured “large amounts of data” from “Middle Eastern critical infrastructure engineering forms, government agencies, financial houses and academia.”

The malware is believed to infect computers via a PowerPoint file sent as an email attachment, although it also reportedly installs itself via images disguised as text files. In an email to Talking Points Memo, a Kaspersky analyst explained that the malware appeared to have been created with the purpose of “sustained data retrieval and large scale surveillance of a regional, select set of sectors, organizations, individuals and events in the Middle East,” specifically “business people working on critical infrastructure projects, government agencies in the Middle East, Israeli banks, engineering/high tech firms, and engineering students.” It’s believed that the software not only records keystrokes, but snoops in all manner of concerning ways. According to the Kaspersky report, Mahdi does the following:

  • Logs keystrokes
  • Captures screenshots of infected computers at specified intervals
  • Captures screenshots of infected computers when the user initiates a “communications event,” described by Kaspersky as “the victim is interacting with webmail, an IM client or social networking site,” with sites that initiate the screenshots including Gmail, Hotmail, Yahoo! Mail, ICQ, Skype, Google+, Facebook and others
  • Updating backdoor
  • Recording and uploading outside audio as .wav files
  • Retrieving “any combination of 27 different types of data files”
  • Retrieving disk structures of the infected computer
  • Delete and bind (“These are not fully implemented yet,” Kaspersky notes)

So far, Mahdi has been discovered on at least 800 machines. Both Kaspersky and Seculert expect that number to increase with more releases of the malware.


Google Slides now auto-transcribes verbal presentations for real-time captions

A new feature for the Google Slides presentation software uses a computer's built-in microphone to transcribe the words of a speaker in real time, displaying them for everyone to see.

Your PlayStation 4 game library isn't complete without these games

Looking for the best PS4 games out there? Out of the massive crop of titles available, we selected the best you should buy. No matter what your genre of choice may be, there's something here for you.
Movies & TV

'Prime'-time TV: Here are the best shows on Amazon Prime right now

There's more to Amazon Prime than free two-day shipping, including access to a number of phenomenal shows at no extra cost. To make the sifting easier, here are our favorite shows currently streaming on Amazon Prime.
Movies & TV

Stay inside this summer with the best shows on Hulu, including 'Castle Rock'

It's often overwhelming to navigate Hulu's robust library of TV shows. To help, we've put together a list of the best shows on Hulu, whether you're into frenetic cartoons, intelligent dramas, or anything in between.
Movies & TV

The best shows on Netflix in October, from 'Mindhunter’ to ‘The Good Place’

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.

Pixel 3, Home Hub, and Pixel Slate — our first look at all Google’s new devices

Google has taken the wraps off of a slew of new devices, including the Pixel 3 smartphones, Google Home Hub smart display, Google Pixel Slate tablet, and more. We were at the event, and took a ton of photos of all of Google's new products.

PayPal will soon let you withdraw cash at Walmart, but there’s a catch

PayPal has teamed up with Walmart to allow its account holders to withdraw and deposit cash at the store. The service launches at all Walmart stores across the U.S. in early November, but there's a catch.

Spotify vs. Pandora: Which music streaming service is better for you?

Which music streaming platform is best for you? We pit Spotify versus Pandora, two mighty streaming services with on-demand music and massive catalogs, comparing every facet of the two services to help you decide which is best.

Here's how to download a YouTube video to watch offline later

Learning how to download YouTube videos is easier than you might think. There are plenty of great tools you can use, both online and offline. These are our favorites and a step by step guide on how to use them.

Carbuying can be exhausting: Here are the best used car websites to make it easier

Shopping for a used car isn't easy, especially when the salesman is looking to make a quick sale. Thankfully, there are plenty of sites aimed at the prospective buyer, whether you're looking for a sedan or a newfangled hybrid.

How to recover Google contacts

If you accidentally deleted an important person from your Google Contacts, they might not be lost forever. Recovering them is a fairly easy process -- as long as you do it quickly. Here's how.

Afraid that Bitcoin could be a bubble? Here's how to sell what you've got

If you're investing in cryptocurrencies, it's important to have your exit strategy in place if prices start to crash. If you've decided it's time to get out or just want to learn how to sell Bitcoins, here's how to get started.

Don't take your ISP's word for it: Here's how to test your internet speed

If you're worried that you aren't getting the most from your internet package, speed tests are a great way to find out what your real connection is capable of. Here are the best internet speed tests available today.

Your ‘Do Not Track’ tool might be helping websites track you, study says

New research from the "Do Not Track" features embedded in popular browsers are being ignored, opening up the possibility of consumers having their information targeted by specific ads based on their web histories and cookies.