Kaspersky Labs reports the “Mahdi” virus records keystrokes, audio and screenshots from infected computers. The researchers believe the virus may have originated in Iran because the virus communicates with a server in Tehran.
The malware is distributed via “rogue emails” that use social engineering to trick victims into opening infected PowerPoint files.
The name Mahdi comes from a prominent, messianic figure in the Muslim faith, according to the website.
This story is part of Federal News Radio’s daily Cybersecurity Update. For more cybersecurity news, click here.