Wiper
StoneDrill
First seen: 2016-01 • Status: inactive
Currently Inactive
StoneDrill is another Iranian wiper like Shamoon. It is better at hiding from antivirus and has been used against Saudi Arabia.
Overview
StoneDrill is a wiper linked to APT33 (Iran). It has code similarities to Shamoon but with more advanced evasion techniques.
How It Spreads
- • Targeted attacks
- • Spear-phishing
What It Does
- • Wipes hard drives
- • Browser credential theft
- • Evasion techniques
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Monitor for disk wiping activity
- • Watch for APT33 indicators
MITRE ATT&CK Techniques
T1561, T1027
If You're Infected
- 1.
Data destruction is permanent
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required