Spy rootkit goes after Indian, Iranian systems

A data-harvesting rootkit is infecting systems in India, Iran, and Indonesia, according to security companies.

Sophisticated malicious software that infects critical infrastructure systems is spreading in the wild, according to security companies.

Finnish security company F-Secure, which is in the process of analyzing the malware, told ZDNet UK that critical infrastructure in India and Iran had been affected.

The malware takes advantage of a zero-day vulnerability in Microsoft .lnk shortcut files, and infects Siemens WinCC Scada software running on Windows 7 Enterprise Edition x86 systems. It spreads via USB drives and runs automatically when a shortcut icon is displayed on a user's screen.

Read more of "Spy rootkit goes after key Indian, Iranian systems" at ZDNet UK.

About the author

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
Nissan gives new Murano bold style (pictures)
Top great space moments in 2014 (pictures)
This is it: The Audiophiliac's top in-ear headphones of 2014 (pictures)
ZTE's wallet-friendly Grand X (pictures)
Lenovo reprises clever design for the Yoga Tablet 2 (Pictures)
Top-rated reviews of the week (pictures)