New Spying Malware Targets Iran, Israel

Bid Termed 'Amateurish' Compared to Recent Flame Attacks

It may be nowhere near as advanced as the recent Flame Virus, which was targeting Iran, but a new spying malware is making the rounds across the Middle East, and seems to be hitting both Iran and Israel in equal measures as primary targets.

The new malware, termed “Madi” in reports, has been caught targeting critical infrastructure in Israel, as well as major Israeli financial institutions. Kaspersky Lab, one of the top Internet security companies, termed it “very basic” and even “amateurish” compared to the other major attacks.

Interestingly, that “amateurish” nature may have been a key to its success, as one Kaspersky researcher said that it might have “helped the operation fly under the radar and evade detection.”

Madi seems to be primarily a keystroke logger, collecting key user information and stealing login data. Like Flame, it also takes screenshots and records audio. The virus is spread by phony photographs with a .jpg extension, but which are actually executable .scr files. Such an attack would only impact Windows users.

Author: Jason Ditz

Jason Ditz is Senior Editor for Antiwar.com. He has 20 years of experience in foreign policy research and his work has appeared in The American Conservative, Responsible Statecraft, Forbes, Toronto Star, Minneapolis Star-Tribune, Providence Journal, Washington Times, and the Detroit Free Press.