"Reuters The Federal Bureau of Investigation warned U.S. businesses that hackers have used malicious software to launch a destructive cyberattack in the United States, following a devastating breach last week at Sony Pictures Entertainment. Cybersecurity experts said the malicious software described in the alert appeared to describe the one that affected Sony, which would mark first major destructive cyber attack waged against a company on U.S. soil. Such attacks have been launched in Asia and the Middle East, but none have been reported in the United States. The FBI report did not say how many companies had been victims of destructive attacks. 'I believe the coordinated cyberattack with destructive payloads against a corporation in the U.S. represents a watershed event," said Tom Kellermann, chief cybersecurity officer with security software maker Trend Micro Inc. "Geopolitics now serve as harbingers for destructive cyberattacks.'.................. The five-page, confidential "flash" FBI warning issued to businesses late on Monday provided some technical details about the malicious software used in the attack. It provided advice on how to respond to the malware and asked businesses to contact the FBI if they identified similar malware. The report said the malware overrides all data on hard drives of computers, including the master boot record, which prevents them from booting up. 'The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods,' the report said. The document was sent to security staff at some U.S. companies in an email that asked them not to share the information................... Monday's FBI report said the attackers were 'unknown.'............ The technical section of the FBI report said some of the software used by the hackers had been compiled in Korean, but it did not discuss any possible connection to North Korea. " http://in.reuters.com/article/2014/12/02/sony-cybersecurity-fbi-idINKCN0JF3AD20141202?rpc=401
http://www.symantec.com/connect/blogs/destover-destructive-malware-has-links-attacks-south-korea Some samples of Destover share a C&C server with Volgmer and also share similarities with Jokra and Shamoon.
