View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 23, 2012

Symantec discovers new malware targeted at SQL databases

The new 'Narilam' malware has affected several Symantec's Iranian business clients.

By CBR Staff Writer

Computer security firm Symantec has discovered a new malware that targeted Iranian businesses to steal financial and sales data.

Designed to destroy business data in Microsoft SQL databases, the new ‘Narilam’ malware has affected several Symantec’s Iranian business clients, the anti-virus firm said.

Symantec’s Shunichi Imano said in a blog post that the malware does not have any operation to steal data from the infected system and is programmed specifically to harm the data stored within the targeted database.

"Given the types of objects that the threat searches for, the targeted databases seem to be related to ordering, accounting, or customer management systems belonging to corporations," Imano said.

On an affected system, the malware searches for Microsoft SQL databases, following it hunts for specific words in the SQL database and will replace them in the database with random values or erases certain fields.

The names that can be accessed by malware include ‘hesabjari,’ which means current account, ‘pasandaz’ which means savings and ‘asnad’ meaning financial bond.

"Unless appropriate backups are in place, the affected database will be difficult to restore," Imano said.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

"The affected organization will likely suffer significant disruption and even financial loss while restoring the database.

"As the malware is aimed at sabotaging the affected database and does not make a copy of the original database first, those affected by this threat will have a long road to recovery ahead of them."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.