Feeds

back to article Analysts: Shamoon oil biz malware flingers were 'amateurs'

Fresh analysis of the Shamoon malware has concluded that its authors are more likely to be "skilled amateurs" rather than elite cyber-spies. Shamoon has been linked to recent high-profile malware outbreaks at Saudi Aramco and RasGas, Gulf-based oil and gas firms. Saudi Aramco lost its network for 10 days as a result of the …

COMMENTS

This topic is closed for new posts.

But if I were an elite cyberspy...

...I'd probably plant a few errors to mislead.

Just saying.

5
3
Silver badge
Black Helicopters

Re: But if I were an elite cyberspy...

I'd also go onto popular tech sites to post words to that effect.

Wait...

0
0

Re: But if I were an elite cyberspy...

Thumbs down from "elite cyberspies" I guess

1
0
Anonymous Coward

If those virus writers were amateurs

I can imagine what kind of total incompetents were being paid at those two companies to run the IT infrastructure.

1
0

Re: If those virus writers were amateurs

Security can be very expensive, so very often it comes down to what resources management want to allocate to all the disciplines that is good IT Governance.

0
0
WTF?

WTF?

So the issue with their coding errors is that they didn't include the the means to propagate more maleware? Wouldn't this make them Amateur Maleware writers, not Amateur programmers? I know "analysts" like knock maleware writers, but come on. Maybe I'm no seeing everything here.

0
0
Silver badge
Joke

Re: WTF?

I'd have thought it made them radical feminists of the "castrate them at birth" persuasion.

1
0
Bronze badge
WTF?

Re: WTF? "maleware" writers

maleware writers????

WTF is a "maleware writer"??? Someone who creates pr0n????

0
0
Bronze badge

Re: ....radical feminists

Are the worst!!!

I knew one once, she certainly epitomized the phrase: castrating feminist bitch!!!!

Her "favorite" T-shirt displayed "I go from 0 to 100% BITCH in 1 milli-second".

0
1

Re: WTF?

If you'd read the write-up correctly, you'd have noticed, it's not that they didn't create means to download additional malware, but that they actually messed up the routines to do such - this makes them worse than amateurs (aside from anything else, testing code written, is programming 101, especially if you're coding it to be used maliciously).

Indeed, if they're to be called anything, it should be amateur coders, rather than programmers.

The fact there was virtually no protection against researchers/analysts identifying it, also makes it highly unlikely to be the work of professionals.

0
0
Anonymous Coward

They will be "elite" in prison

I'm sure the perps will make friends and influence people in prison.

0
0
FAIL

Certainly goes go show...

...how easy it is to manipulate people in certain political environments. My guess is that the burning flag display mentioned in the article did its part in the spread of this particular baddie.

And I quite agree that the IT security (if any) in those two oil companies should be fired en bloc; this is the sort of thing they are supposed to prevent. Of course, if the IT security in those companies is non-existent, the people who decided that IT Sec is superfluous should be fired instead. And their salaries invested in IT Sec.

Wish there were a "double-fail" icon...

0
0
This topic is closed for new posts.