It's not entirely clear how the malware is moving from computer to computer, said Ars Technica, and although it is simpler malware than the powerful Flame virus that hit Iran earlier this year, it is still difficult to get rid of.
Its origin and purpose are similarly obscure, according All Things Digital's Arik Hesseldahl, writing that it "maybe targeting computers associated with the Iranian nuclear research program, maybe not."
Iran has accused the US and Israel of being behind the Flame attack as well as the Stuxnet virus. Such attacks are seen as en effort to cripple the Islamic Republic's nuclear program, which Western countries fear is being used to make a bomb. Iran denies this.
Russia's Kaspersky Lab said the new malware is a variant of a known Trojan and dubbed it GrooveMonitor.
"Despite its simplicity in design, the malware is efficient and can wipe disk partitions and user profile directories without being recognized by antivirus," Business Insider cited the Iranian CERT advisory as saying on Sunday. "However, it is not considered to be widely distributed."