Computer Virus Causing Iranian Computers To Play AC/DC?
Mikko Hypponen, lead researcher at the Finnish computer security firm F-Secure, says he received “a series of emails from Iran” this weekend about a new rockin’cyber attack on nuclear research facilities there. He posted the text of one email to his blog:
I am writing you to inform you that our nuclear program has once again been compromised and attacked by a new worm with exploits which have shut down our automation network at Natanz and another facility Fordo near Qom.
According to the email our cyber experts sent to our teams, they believe a hacker tool Metasploit was used. The hackers had access to our VPN. The automation network and Siemens hardware were attacked and shut down. I only know very little about these cyber issues as I am scientist not a computer expert.
There was also some music playing randomly on several of the workstations during the middle of the night with the volume maxed out. I believe it was playing ‘Thunderstruck’ by AC/DC.
This seems like some variant of a Nigerian scam email, but Hypponen says he’s verified it really was sent from Iran’s Atomic Energy Organization. And Hypponen, a legendary computer virus hunter, has received emails like this from Iranian authorities in the past. Last month he wrote inWired about how an Iranian computer security analyst had emailed him to notify him about the Flame spyware that was infecting Iranian computers. Flame was developed by the U.S. and Israel to spy on Iranian computer networks in advance of future cyber warfare campaigns, according to the Washington Post.
The program mentioned in the email, Metaspoilt, costs around $3,000 to create, far less than the estimated $3,000,000 it took to create Stuxnet. So, personally, I would’ve gone with Dirty Deeds Done Dirt Cheap.
Found via Twitter