Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mahdi The “Messiah” (CPSC 620) Akash Mudubagilu Arindam Gupta.

Published byReginald Heath Modified over 8 years ago

Similar presentations

Presentation on theme: "Mahdi The “Messiah” (CPSC 620) Akash Mudubagilu Arindam Gupta."— Presentation transcript:

1

2 Mahdi The “Messiah” (CPSC 620) Akash Mudubagilu Arindam Gupta

3 Agenda Computer Trojan Mahdi What makes it special Mahdi Targets Effects How to remove References

4 What is Trojan ? A Trojan is a program that may appear to be legitimate, but in fact does something malicious. Destructive program steals information or harms the system Does not replicate

5 Mahdi Also known as Madi Data-stealing Trojan Attack relies on social engineering techniques to get onto targeted computers. Records Keystrokes Screen shots Audio Steal text and image files

6 Contd.. The following is an email example which included a malicious PowerPoint attachment

7 Contd.. In another example the PowerPoint when opened, displays a series of video stills showing a missile destroying a jet plane

8 What makes it special ? Reference in the code to the word for the Islamic Messiah. Use of Farsi Language. Persian calendar format. It can update itself. The creators are still at work Always takes latest code definition.

9 Contd.. Communicates with command-and-control server Uploads stolen data Gets instructions from the server

10 Mahdi targets Critical infrastructure firms Engineering students, Financial services firms Government embassies located in Middle Eastern countries, with the majority of the infections in Iran. Also been found in countries like United States and New Zealand.

11 Mahdi Infections

12 Effects Google and Yahoo searches are redirected. Desktop background image and browser homepage settings changed. Slows down the computer considerably. Will get unwanted pop-ups. Also corrupts windows registry and uses it to deploy annoying pop-ups. Large amount of data uploaded. Might make the internet connection slow. Uploads sensitive information to server.

13 How to Remove Auto- Removal System Restore. Install a tool to remove the malware. Manual Removal Stop Mahdi process from Task Manager. Uninstall Mahdi from Control Panel, Add/Remove programs. Open windows registry, find and remove all Mahdi registry files. Delete all Mahdi related files from the computer.

14 References http://news.cnet.com/8301-1009_3-57503949-83/a-whos-who-of- mideast-targeted-malware/ http://news.cnet.com/8301-1009_3-57503949-83/a-whos-who-of- mideast-targeted-malware/ http://news.cnet.com/8301-1009_3-57474405-83/mahdi-messiah- malware-targeted-israel-iran-pcs/ http://news.cnet.com/8301-1009_3-57474405-83/mahdi-messiah- malware-targeted-israel-iran-pcs/ http://blog.seculert.com/2012/07/mahdi-cyberwar-savior.html http://www.symantec.com/connect/blogs/madi-attacks-series- social-engineering-campaigns http://www.symantec.com/connect/blogs/madi-attacks-series- social-engineering-campaigns http://www.nextgov.com/cybersecurity/2012/08/mahdi-spyware- operation-broadens-middle-east/57761/?oref=ng-channelriver http://www.nextgov.com/cybersecurity/2012/08/mahdi-spyware- operation-broadens-middle-east/57761/?oref=ng-channelriver http://www.reuters.com/article/2012/08/29/us-cybersecurity- middleeast-idUSBRE87S0EK20120829 http://www.reuters.com/article/2012/08/29/us-cybersecurity- middleeast-idUSBRE87S0EK20120829

Download ppt "Mahdi The “Messiah” (CPSC 620) Akash Mudubagilu Arindam Gupta."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,

Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,
Internet Safety Topic 2 Malware This presentation by Tim Fraser Malware is short for malicious software VirusesViruses SpywareSpyware AdwareAdware other.

Internet Safety Topic 2 Malware This presentation by Tim Fraser Malware is short for malicious software VirusesViruses SpywareSpyware AdwareAdware other.
What are Trojan horses?  A Trojan horse is full of as much trickery as the mythological Trojan horse it was named after. The Trojan horse, at first glance.

What are Trojan horses?  A Trojan horse is full of as much trickery as the mythological Trojan horse it was named after. The Trojan horse, at first glance.
Content  Overview of Computer Networks (Wireless and Wired)  IP Address, MAC Address and Workgroups  LAN Setup and Creating Workgroup  Concept on.

Content  Overview of Computer Networks (Wireless and Wired)  IP Address, MAC Address and Workgroups  LAN Setup and Creating Workgroup  Concept on.
Nasca 2007 100 200 300 400 500 Internet Networking and Security viruses.

Nasca Internet Networking and Security viruses.
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.

Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
Spring 2008 www.umsl.edu/~iclabs. Definitions  Virus  A virus is a piece of computer code that attaches itself to a program or file so it can spread.

Spring Definitions  Virus  A virus is a piece of computer code that attaches itself to a program or file so it can spread.
INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.

INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.
FIRST COURSE Computer Concepts Internet and Email Microsoft Office Get to Know Your Computer.

FIRST COURSE Computer Concepts Internet and Microsoft Office Get to Know Your Computer.
Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.

Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.
Chapter Nine Maintaining a Computer Part III: Malware.

Chapter Nine Maintaining a Computer Part III: Malware.
1Lecturer: Dalia Mirghani Saadabi. 2 A set of computers connected together so that they can communicate is called a computer network. This involves installing.

1Lecturer: Dalia Mirghani Saadabi. 2 A set of computers connected together so that they can communicate is called a computer network. This involves installing.
R. FRANK NIMS MIDDLE SCHOOL A BRIEF INTRODUCTION TO VIRUSES.

R. FRANK NIMS MIDDLE SCHOOL A BRIEF INTRODUCTION TO VIRUSES.
Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.

Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.
Internet Safety CSA 105 1.0 September 21, 2010. Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.

Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.
Lecture 4: Software Tonga Institute of Higher Education IT 141: Information Systems.

Lecture 4: Software Tonga Institute of Higher Education IT 141: Information Systems.
By, Anish Shanmugasundaram Yashwanth Sainath Jammi.

By, Anish Shanmugasundaram Yashwanth Sainath Jammi.
Computer Safety Workshop Presented by Roy Coleman April 14, 2015 © 2015 Roy Coleman.

Computer Safety Workshop Presented by Roy Coleman April 14, 2015 © 2015 Roy Coleman.

Similar presentations

Ads by Google