On March 4, 2015, the Iranian security researcher C3phalex1n posted an article on a botnet worm named RAMNIT. The worm has been active since 2010 and migrates via removable drives. It infects public FTP servers and exploits advertisements on websites and social media. The worm has thus far affected over 3.2 million systems around the world.
Source: Irancybernews.org, March 4, 2015.