Regional users warned of Arabic virus danger

Security firm Symantec expects a growth in malware targeting Arabic users.

  • E-Mail
By  Peter Branton Published  June 16, 2007

Regional users are being warned to watch out for a new threat - Arabic viruses. Security firm Symantec said last week that it expects to see a growth in malware targeting Arabic users.

Symantec's warning follows the discovery of what it claims is the first malware code to use Arabic text - the W.32AlNuh (pronounced Al Nooh) worm, which Symantec discovered at the end of last month.

W32.AlNuh does not appear to destroy or steal any files or information, although it will monitor and close windows created for various system utilities in Windows, both English and Arabic.

While Symantec acknowledged that W32.AlNuh did not in itself pose much of a threat to users, it said its usage of Arabic text poses a new danger to users in the region.

"The ability of the author to lure or socially engineer regional users into opening possible future variants of seemingly ‘harmless' Arabic executables poses a new danger previously not encountered," Ivor Rankin, senior security consultant at Symantec, told in an e-mail.

While W32.AlNuh seems to have been just a "work in progress", Rankin said, the concern is that other malware could follow.

"Just as we have seen a rise in the number and sophistication of Arabic phishing attacks targeting users in the region, so too we will see a rise in similar malware; in what could be a new trend in the malware arena affecting users in the region," Rankin warned.

According to Symantec, the situation could be comparable to the growth in Chinese language viruses, in which case we could be about to experience a "surge" in such viruses.

However, Justin Doo, managing director of Trend Micro Middle East and Africa, was more skeptical. "The realistic situation is that if you look at where the threat landscape is going, we're moving away from virus attacks anyway," he said.

Instead, Doo argued, criminals are increasingly looking at attacks such as phishing, which allow them to make money. "These people are looking a hit, they're looking for a rate of return," he said.

While Doo said it was quite likely that the existence of one Arabic virus might see others being written, they were likely to be low-level and hence not very successful.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code