HomeFeaturesDailyBriefingsRapidReconSpecial ReportsAbout Us

Arabic Worm: Evolution of Cyber Threat?

Courtesy of the online terrorist hunters at Internet Haganah:

A seemingly harmless worm spreading around the world could point the way to an explosion in Arabic viruses, according to one security vendor. Masaki Suenaga, a security response engineer at Symantec, claimed that Arabic elements within the W32.Alnuh worm could be a test to see how users react.

Discovered on 31 May, W32.Alnuh spreads harmlessly and only terminates programs to protect itself. The worm closes Windows Task Manager, Registry Editor, Command Prompt and the Folder Options in Windows Explorer in both English and Arabic versions of the Windows operating system.

Nay-sayers will be quick to point out the harmless nature of the virus itself, but the Alnuh worm is merely following a familiar pattern of malicious code development:

"W32.Alnuh looks like just an experiment by the author," Suenaga said on the company's website. "After they have done their homework, they might step to the next stage to make a more complicated virus."

Indeed, it is common for novice malcode authors to feel their technical oats with a proof-of-concept prior to including more complicated and potentially damaging code.

Muslim hackers have long trailed their malicious cohorts in other parts of the world; most “cyber wars” associated with the Middle East being little more than digital graffiti-fests. The evolution of Alnuh and other malcode originating in the Middle East bears watching lest it indicate (finally) the start of an evolution of the cyber threat from this quarter.