Pulse

By GCN Staff

Blog archive
Small businesses in Tehran marketplace

Narilam database malware found in Iran strictly business

Symantec recently identified a database-corrupting piece of malware targeting systems mostly in Iran, but despite early speculation that it could be related to the likes of Stuxnet and Flame, it appears to be targeting small businesses rather than the country’s infrastructure.

The worm, which Symantec calls W32.Narilam, attacks Microsoft SQL Server databases and searches for specific words, some of the written in Persian or Arabic, according to a Symantec blog post.  Narilam then corrupts data, but does not steal anything, according to the blog.

The malware bears some cursory resemblance to Stuxnet, in that it is a worm and spreads via removable drives and network files shares, Symantec said. Stuxnet reportedly was developed as part of a U.S.-led cyber operation and which disrupted Iran’s uranium processing. Other pieces of malware, including Flame and Duqu, also have been identified as coming from the program.

However, Iran’s Computer Emergency Response Team issued a statement calling Narilam unsophisticated and “has no sign of a major threat.” In fact, Iran’s CERT said it had been previously detected in 2010 and targets accounting software developed by an Iranian company used by small businesses.

Symantec said infections weren’t widespread and that the vast majority of infections were in Iran, with a few in the United States and Great Britain.

Researchers at Kaspersky Labs also said they saw no connection between Narilam and Stuxnet, and, considering the low number of reported infections, speculated that the worm is “probably almost extinct.”

Posted by Kevin McCaney on Nov 26, 2012 at 9:39 AM


Featured

  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

  • gears and money (zaozaa19/Shutterstock.com)

    Worries from a Democrat about the Biden administration and federal procurement

    Steve Kelman is concerned that the push for more spending with small disadvantaged businesses will detract from the goal of getting the best deal for agencies and taxpayers.

Stay Connected