|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:affectedArea
|
gptkb:Saudi_Arabia
|
|
gptkbp:alsoKnownAs
|
Disttrack
|
|
gptkbp:causedBy
|
gptkb:Shamoon_malware
|
|
gptkbp:connectsTo
|
Iranian threat actors
|
|
gptkbp:consequence
|
data destruction
30,000 computers wiped at Saudi Aramco
disruption of business operations
|
|
gptkbp:discoveredBy
|
gptkb:Kaspersky_Lab
gptkb:Symantec
2012
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Shamoon attack
|
|
gptkbp:malwareComponent
|
gptkb:Reporter
Dropper
Wiper
|
|
gptkbp:malwareLanguage
|
gptkb:C++
|
|
gptkbp:notableEvent
|
January 2017
August 2012
November 2016
|
|
gptkbp:notableVictim
|
gptkb:Saudi_Aramco
gptkb:RasGas
|
|
gptkbp:payload
|
delete files
display burning US flag image
overwrite master boot record
|
|
gptkbp:purpose
|
espionage
sabotage
|
|
gptkbp:relatedTo
|
gptkb:Iran
gptkb:APT33
|
|
gptkbp:target
|
gptkb:Saudi_Aramco
gptkb:RasGas
|
|
gptkbp:usesCredentialTheft
|
true
|
|
gptkbp:usesHardcodedCredentials
|
true
|
|
gptkbp:usesMalware
|
wiper malware
|
|
gptkbp:usesNetworkPropagation
|
true
|
|
gptkbp:vectorFor
|
phishing emails
malicious files
|
|
gptkbp:bfsParent
|
gptkb:Saudi_Aramco_cyberattack
|
|
gptkbp:bfsLayer
|
7
|