Mahdi is computer malware that was initially discovered in February 2012 and was reported in July of that year.
[1] According to Kaspersky Lab and Seculert (an Israeli security firm which discovered the malware), the software has been used for targeted cyber espionage since December 2011, infecting at least 800 computers in Iran and other Middle Eastern countries.
According to the security experts, Mahdi malware works apparently at a lower level than Stuxnet and is made using existing public softwares.
[3] The targets of this malware include sensitive infrastructure companies, computers of engineering students, financial service institutions, and official government embassies.
[4] Mahdi malware allows attackers to steal files from an infected computer and monitor emails and text messages/chats.