Iran dismisses severity of Narilam malware

Iran dismisses severity of Narilam malware

Summary: Government officials say Symantec's report on the recently discovered Narilam malware, targeting Iran, shows "some misunderstanding" and play down significance and severity of the worm.


Iraninan authorities have played down the severity of the Narilam malware for which Symantec issued a warning last week. 

A blog post by the U.S. security giant warned organizations of potential "chaos" posed by the W32.Narilam malware, and posted a map identifying Iran as the main victim of the threat. The malware reportedly copies itself on infected machines, adds registry keys and spreads through removable drives and network shares. It has been likened to previous high profile virus, Stuxnet, which hit several networks in the Middle East, particularly, Iran.

However, a statement released by the country's cyberemergency team, the Maher Center, on Monday said Symantec's report exhibited "some misunderstanding" about the malware. The Narilam malware was an old one, previously detected and reported online in 2010 by some other parties, the statement said. It also did not have indications of a major threat r a sophisticated piece of computer malware, the Maher Center added.

It added the threat also was not widespread and only able to corrupt databases of some products made by a particular Iranian software company. The malware had been launched in a bid to harm the software vendor's reputation, but the "simple" malware would not pose a threat to general users and needed "no special care", the Maher Center said.

Iran is frequently on the receiving end of cyberattacks. A complex data-stealing malware, Flame, in May hit the country's businesses, universities, and governments, while the Iraninan Offshore Oil Company reportedly accused China and Israel as the main culprits behind an attack on its computer network in October.

This prompted Iran to move to a domestic Internet system, which it says would improve the country's cybersecurity wellbeing.

Topics: Security, Government, Malware

Ellyne Phneah

About Ellyne Phneah

Elly grew up on the adrenaline of crime fiction and it spurred her interest in cybercrime, privacy and the terror on the dark side of IT. At ZDNet Asia, she has made it her mission to warn readers of upcoming security threats, while also covering other tech issues.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • "Pay no attention to the man behind the curtain"

    or more appropriately "...and reported online in 2010 by some other names."

    Whomever posted the "misunderstanding" response from Iran sounds a bit like Baghdad Bob.

    Say it's wrong but don't say HOW it's wrong? So tell me Iranian cyberemergency team, what other names has this been reported under?
  • Let Them Believe That

    If they believe it's no big deal, then let them believe it. Hopefully, that virus will most likely re-program all of their missle guidance systems to turn around after launch and attack the launch site. Good riddance Iran.
  • Surprised?

    The high technology experts in Iran saying that the malware is old and irrelevant. Old or not, I think Symantec is stating that Iran's computers are getting hit with it.
    Not surprised Iraninan Offshore Oil Company [what an original name!] said that Israel was behind some attacks, but China? Not the US?
    They can hide behind whatever curtain they create. they say to block out malware and sinful western stuff [ever heard of a firewall or your own DNS?] but more likely to make sure their citizens don't know the truth of what their government does.