Feeds

Iran says it was attacked by second computer worm

'Espionage virus' targets country's networks

Beginner's guide to SSL certificates

A senior Iranian commander said his country has been targeted by a second malware attack in addition to the Stuxnet worm that was designed to disrupt nuclear operations.

Iranian security personnel are still in the process of investigating the Stars computer worm, Brigadier General Gholam-Reza Jalali, told Iran's Mehr News Agency. The Associated Press quoted him as calling the malware an “espionage virus” that targeted undisclosed computer systems in his country.

“Certain characteristics about the Stars worm have ben identified, including that it is compatible with the (targeted) system and that the damage is very slight in the initial state, and it is likely to be mistaken for executable files of the government,” said Jalali, who heads Iran's Passive Defense Organization, a military unit in charge of combatting sabotage.

Jalali's claim follows the discovery in July of a worm that targeted SCADA, or supervisory control and data acquisition, computer systems throughout the world. Many researchers who have studied the so-called Stuxnet worm claim it was designed to sabotage Iran's nuclear facilities by causing centrifuges used in uranium enrichment to operate at unsafe speeds. The New York Times has said the highly sophisticated malware was jointly engineered by the US and Israel.

Last week, Jalali repeated claims that the US and Israel were behind the attack and went on to say those countries got help from German engineering firm Siemens, which built the industrial control system that was sabotaged by Stuxnet.

Jalali and other Iranian officials have said that Stuxnet managed to affect a limited number of Iran's centrifuges but that damage was contained after the discovery.

“It must be taken into consideration that (the fact that we dealt with) Stuxnet does not mean that the threat has been completely eliminated since worms have specific life cycles and can continue their activities in other forms,” Mehr quoted him as saying. “Therefore the country should prepare itself to tackle future worms since future worms, which may infect our systems, could be more dangerous than the first ones.”

There's no evidence researchers outside of Iran have examined the new worm.

“We can't tie this case to any particular sample we might already have,” F-Secure researcher Mikko Hypponen wrote in a blog post published Monday. “We don't know if this is another cyber attack launched by (the) US government. We don't know if Iran officials have just found some ordinary Windows worm and announced it to be a cyber war attack.” ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
SMASH the Bash bug! Red Hat, Apple scramble for patch batches
'Applying multiple security updates is extremely difficult'
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
Ello? ello? ello?: Facebook challenger in DDoS KNOCKOUT
Gets back up again after half an hour though
Desperate VXers enslave FREEZERS in DDoS bot
Updated Spike malware targets Asia
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.