Researchers have detected new cases of a previously discovered worm, Narilam, which is targeting accounting applications in corporate databases throughout the Middle East
Symantec, which on Thursday published an analysis of the malware, found that Narilam had infected Microsoft SQL systems and was capable of modifying and deleting sensitive data and tables of its victims. Narilam, which likely began spreading as early as late 2009, may have capabilities reminiscent of other Middle Eastern-targeted malware, but its source is likely a smaller network, according to Symantec.
While the worm does not steal information from infected computers, it is coded to tamper with or sabotage databases. So far, Narilam has targeted databases, primarily in Iran, used for customer management and accounting purposes. Computers running Windows 7, Windows Server 2008, Windows Vista and XP have been impacted by the worm.