It did not take long for the Stuxnet and Flame malware to inspire imitators. A similar version of the software used by the US and Israeli authorities to attack Iran’s nuclear weapons program has turned up on computers in Peru but this time it appears to be corporate espionage not national security as the motivation.
The software called ACAD/Medre.A appears to target AutoCad computer assisted drafting files (CAD); it copies them then emails them off to the malware’s installer.
The software has not been linked to any government; it is conjectured to be an effort by contractors trying to find out what competitors are proposing for competitive bids.
While the commercial implications are serious what is even more worrying is the risks that such software poses to other groups. It will not take much to tweek the malware so that it targets the computers of activists, dissidents, opposition politicians and other deemed enemies of repressive regimes like China, Vietnam, Laos, Cambodia among others.
Again it is a reminder to maintain computer security and in very sensitive situations not to keep files on a computer you do not want others to see because as has been seen with Wikileaks and the like information has a habit of getting out.
Ezine VB reported on this new malware. The article follows.