A HP StoreOnce Backup ad next to the Saudi Aramco hack details at pastebin.
The virus erased data on three-quarters of Aramco’s corporate PCs — documents, spreadsheets, e-mails, files — replacing all of it with an image of a burning American flag.
United States intelligence officials say the attack’s real perpetrator was Iran, although they offered no specific evidence to support that claim.
That virus — called Shamoon after a word embedded in its code — was designed to do two things: replace the data on hard drives with an image of a burning American flag and report the addresses of infected computers — a bragging list of sorts — back to a computer inside the company’s network.
Shamoon’s code included a so-called kill switch, a timer set to attack at 11:08 a.m., the exact time that Aramco’s computers were wiped of memory. Shamoon’s creators even gave the erasing mechanism a name: Wiper.
Aramco’s attackers posted blocks of I.P. addresses of thousands of Aramco PCs online as proof of the attack.
Tags: saudi aramco hacked, saudi aramco cyberattack, hp ad at saudi aramco hacked, hp data storage ad, saudi aramco pastebin