After suffering a devastating cyber attack by the ‘Stuxnet’ virus engineered by Israel and the US, Iran learnt from the experience to create the ‘Shamoon’ virus.
The US National Security Administration (NSA) suspects that Iran's state hackers learned from previous attacks against its networks and created the ‘Shamoon’ virus which infected 30,000 computers of the Saudi-American oil company, ARAMCO in 2012 besides infiltrating over 50 aerospace, airline and petrol corporations, hospitals and universities all over the world.
Reporting from the contents of 2002 NSA documents leaked by Edward Snowden, Silicon Republic said that the NSA is worried that Iran’s cyber weapons are becoming more and more potent, as it continues to improve on its enemies tactics.
It widely believed that the US was responsible for creating and using the Stuxnet worm to infect the centrifuges to be installed in Iran's nuclear plant. Israel followed using another virus called Flame. Iran suffered a separate attack against its oil industry, which targeted and destroyed its computers.
Using the knowledge it gathered from all those instances, Iran is believed to have created the Shamoon which erases data in all its victims' computers, rendering their HDDs/SSDs useless. During the Saudi Aramco incident, it replaced all the info with an image of a burning American fan. Shamoon is supposed to have inspired the malware that took down Sony Picture's computers which the FBI says was orchestrated by North Korea.