Symantec finds malware designed to corrupt databases


Security vendor Symantec has published information about malware called W32.Narilam, which is designed to tamper with SQL databases via OLEDB. The worm apparently targets SQL databases with three distinct names, and will replace certain items in the database with random values or even delete rows.

The malware is written specifically to cause damage within a targeted database, not to steal information from an infected system. Symantec's detailed blog post sums up the damage that Narilam can cause: "Given the types of objects that the threat searches for, the targeted databases seem to be related to ordering, accounting, or customer management systems belonging to corporations."

The result is that a targeted organization can suffer significant disruption and even financial loss while restoring the database, says Symantec. The company predicts that those affected by the threat will have "a long road to recovery ahead of them."

While infections appear to be concentrated in Iran, with a few other locations scattered in the U.K. and the U.S., the discovery has grave and wide-ranging implications for businesses.

For more:
- see this article at Computerworld
