7/24/2012

Cyber Warfare: Iran's Nuclear Computer 'Forced to Play AC/DC' by Computer Malware

By Gianluca Mezzofiore July 24, 2012 10:50 AM GMT
clip_image002
AC/DC's Johnson and Young perform in London (Reuters)
A computer malware has allegedly attacked computer systems in Iran forcing them to play AC/DC's Thunderstruck at full volume in the middle of the night, according to a computer security researcher.
Mikko Hypponen, lead researcher at the Finnish computer security firm F-Secure, reported in his blog that a scientist working at the Atomic Energy Organisation of Iran (AEOI) sent him an e-mail about his systems getting hit by a cyber-attack.
"I am writing you to inform you that our nuclear program has once again been compromised and attacked by a new worm with exploits which have shut down our automation network at Natanz and another facility Fordo near Qom," reads the email.
"According to the email our cyber experts sent to our teams, they believe a hacker tool Metasploit was used," it continued.
Metasploit, an open-source project used to find vulnerabilities in software, is reportedly very easy and cheap to develop.
"There was also some music playing randomly on several of the workstations during the middle of the night with the volume maxed out," the e-mail reads. "I believe it was playing 'Thunderstruck' by AC/DC." <1--more-->
Hypponen said he has verified the e-mail was sent from Iran's AEOI. It is not the first time the well-known computer virus hunter receives e-mails form Iranian authorities. During the Flame spyware case, he reported in Wired about how an Iranian computer security analyst had contacted him to notify him about the virus.
Speaking to IBTimes UK at F-Secure's security lab in Helskinki, Hypponen maintained that a covert US government intelligence agency was behind Flame.
Flame was discovered in June having gone undiscovered for at least two years, thanks to the sophistication of the software involved.
It has been described as one of the most complex pieces of malware ever discovered. Flame infected computers in the Middle East, in countries such as Iran, Israel and Sudan, with the majority of infected computers, according to Kaspersky's data, being in Iran.
Calling it the James Bond of the malware world, Hypponen admitted his company's was impotent against Flame. It allowed those who created it to search for and upload documents and files on a remote computer, watch and listen to what's taking place around the infected PC by turning on the camera or microphone, and even copy the address book from mobile phone within range of the computer.
Unlike Metasploit, Flame cost $10m to develop.
Read more:
http://www.ibtimes.co.uk/articles/366158/20120724/ac-dc-iran-malware-flame-metasploit-hypponen.htm
Enhanced by Zemanta