StoneDrill has several “style” similarities to Shamoon, with multiple interesting factors and techniques to allow for the better evasion of detection. In addition to suspected Saudi targets, one victim of StoneDrill was observed on the Kaspersky Security Network (KSN) in Europe. This makes us believe the threat actor behind StoneDrill is expanding its wiping operations from the Middle East to Europe.
Government entities , Telecoms
StoneDrill embeds mostly Persian resource language sections.
A highly destructive wiper malware targeting organizations in Saudi Arabia, including those representing the government, industry, transport, and telecoms. It was also used in wiping attacks in Europe.