Symantec finds malware that corrupts SQL databases

By Stuart Sumner
26 Nov 2012 View Comments
IBM datacentre System i5

Security vendor Symantec, the firm behind the Norton Antivirus product among others, has warned of a new type of malware that is able to modify corporate databases.

The threat, which Symantec has named W32.Narilam, has the functionality to update a Microsoft SQL database if it is accessible by OLEDB.

It replaces certain items in corporate databases with random values and is also able to delete tables.

"The malware does not have any functionality to steal information from the infected system and appears to be programmed specifically to damage the data held within the targeted database," wrote Symantec in a blog post. "Given the types of objects that the threat searches for, the targeted databases seem to be related to ordering, accounting, or customer management systems belonging to corporations."

The security vendor advises firms to back up databases and keep security software and other systems patched and up to date.

"Unless appropriate back-ups are in place, the affected database will be difficult to restore. The affected organisation will likely suffer significant disruption and even financial loss while restoring the database. As the malware is aimed at sabotaging the affected database and does not make a copy of the original database first, those affected by this threat will have a long road to recovery ahead of them."

Reader comments
blog comments powered by Disqus
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

37 %
27 %
15 %
21 %