Kaspersky Lab has recently discovered StoneDrill, a new type of malware that destroys all the files on the infected computer for good. The malware features anti-detection techniques and espionage tools and has infected computers in the Middle East and Europe.
It is similar to Shamoon, which wiped clean about 35,000 computers at an oil and gas company in the Middle East back in 2012 and left 10% of the world’s oil at risk.
Shamoon 2.0 reappeared in 2016, and StoneDrill is very similar to it but has extra features. The virus infects the computer, injects itself into the memory process of the default browser, and uses two anti-emulation techniques to fool the security solutions present. Once it has successfully disguised itself, it starts destroying files.
Kaspersky Lab also found a StoneDrill backdoor, used for espionage purposes. For now, the security researchers have not discovered how the malware spreads.
The best way to protect against all sorts of attacks is to use security software, enforce strong password rules, and be paranoid enough to assume that your security will be breached, so implement a backup solution that lets you successfully restore everything destroyed or infected.
For more information, see this article from Kaspersky’s securelist.com website.