Skip to main content

Iran dismisses threat of Narilam malware

Iranian authorities have played down the significance of the recently reported Narilam malware, after US security giant Symantec released a report on the threat last week (opens in new tab).

The firm’s official blog warned organisations about the potential “chaos” brought by the data-sabotaging ‘W32.Narilam’ malware, and posted a map identifying Iran as the main victim of the threat. The worm is said to copy itself onto infected machines, add registry keys, and spread through removable drives and network shares. Symantec likened it to the devastating Stuxnet and Flame viruses which ravaged networks across the Middle East – most notably in Iran.

But the Islamic Republic’s cyber emergency response team, the Maher centre, has since issued a statement (opens in new tab) which claims Symantec’s report “shows some misunderstanding”.

“The malware called "narilam" by Symantec was an old malware, previously detected and reported online in 2010 by some other names. This malware has no sign of a major threat, nor a sophisticated piece of computer malware,” the announcement reads.

The Maher centre goes on to claim the threat is not widespread and can only corrupt the databases of certain products made by a particular Iranian software company. The group believes it has been launched in a bid to harm the company’s reputation, while the “simple” malware is apparently “not a threat for general users and need[s] no special care.”

Frequently on the receiving end of cyber-sabotage and -espionage attacks, Iran has previously announced its intention to launch a domestic intranet (opens in new tab) that will protect the country’s intelligence and major organisations.

Will began working life as a technology journalist at ITProPortal as Senior Staff Writer. He's worked as a Copywriter, then Creative Lead across video, social, email, web and print. He is currently a Senior Content Strategist at Zone.