Symantec has spotted another odd piece of malware that appears to be targeting Iran and is designed to meddle with SQL databases.
The company discovered the malware, called W32.Narilam, on November 15 but published a more
detailed write-up this morning by Shunichi Imano. Narilam is rated as a "low risk" by the company, but according to a map, the majority of infections are concentrated in Iran, with a few in the UK, the continental US and the state of Alaska.
Interestingly, Narilam shares some similarities with Stuxnet, the malware targeted at Iran that disrupted its uranium refinement capabilities by interfering with industrial software that ran its centrifuges. Like Stuxnet, Narilam is also a worm, spreading through removable drives and network file shares, Imano said.
