The people behind the new "Mahdi," or "Madi," malware should be ashamed of themselves. Not for creating malware, but because Mahdi is embarrassingly ineffective, according to security researchers. The creators of the malicious program “Madi” or “Mahdi,” a new piece of malware that’s currently targeting victims in the Middle East, have an unusual reason for keeping their identities secret: Their software is embarrassingly bad. Seculert and Kaspersky Labs identified the program on Tuesday and you didn’t have to read too far between the lines to see that they were not impressed. From Kaspersky: The campaign relied on a couple of well known, simpler attack techniques to deliver the payloads, which reveals a bit about the victims online awareness. The first of the two social-engineering schemes that define spreading activity for this surveillance campaign is the use of attractive images and confusing themes embodied in PowerPoint Slide Shows containing the embedded Madi trojan downloaders. An “Activated Content” PowerPoint effect enables executable content within these spear-phish attachments to be run automatically. These embedded trojan downloaders in turn fetch and install the backdoor services and related “housekeeping” data files on the victim system. One example, “Magic_Machine1123.pps”, delivers the embedded executable within a confusing math puzzle PowerPoint Slide Show where the amount of math instructions may overwhelm a viewer. Note that while PowerPoint presents users a dialog that the custom animation and activated content may execute a virus, not everyone pays attention to these warnings or takes them seriously, and just clicks through the dialog, running the malicious dropper. (Emphasis added) In other words, Kaspersky thinks the malware is ugly and only a threat to idiots. Seculert called it, “Interesting, yet simple.” Interesting – that’s the word you use when you’re trying to be polite about something you loathe. As in, “Thomas Kinkade and Leroy Neiman were very … ummm … interesting painters.” Here’s a quote from NetworkWorld.com: It’s not clear if this is a state-sponsored attack, Seculert’s chief technology officer Aviv Raff said Tuesday via email. The Mahdi malware is not among the most complex cyberespionage threats ever found and, in fact, appears to have been written in a rush, he said. Costin Raiu, director of Kaspersky Lab’s global research and analysis team, told NetworkWorld that Mahdi is far less complex than recent attacks against Tibetan and Uighur activists. “At least those campaigns use some type of software exploits to install cyberespionage malware, whereas the Mahdi attackers relied solely on social engineering,” Raiu said. Ouch. Related content Opinion Why Bitcoins are Just as Viable as Any Other Currency The true value of any currency is a reflection of how much people believe it's worth, according to CIO blogger Constantine von Hoffman. But it's wise to remember just how fast beliefs can change. By Constantine von Hoffman Apr 15, 2013 4 mins Government Technology Industry Opinion No Surprise: Docs Show Obama Administration Lying About Drones President Obama has repeatedly said drones would only be used against members of al Qaida and allied groups. However, leaked intelligence documents show the administration has been using them to settle political and tribal feuds for at least four yea By Constantine von Hoffman Apr 10, 2013 3 mins Regulation Government Opinion How Big Data Can Quickly Become Big Garbage The bigger the data the bigger the chance of mistakes or inaccuracies. In that vein, a large database used by retailers to screen people accused of stealing from employers is identifying innocent people and could result in major lawsuits, according t By Constantine von Hoffman Apr 04, 2013 2 mins Big Data Opinion Why Crazy Trumps Logic on the Internet The earth is flat. Vaccines cause autism. 9/11 was a government conspiracy. These are just a few of the many ideas that continue to find adherents online despite overwhelming proof that they're not based on fact. CIO.com blogger Constantine von By Constantine von Hoffman Apr 02, 2013 3 mins Government Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe