Feeds

Iran says it was attacked by second computer worm

'Espionage virus' targets country's networks

Beginner's guide to SSL certificates

A senior Iranian commander said his country has been targeted by a second malware attack in addition to the Stuxnet worm that was designed to disrupt nuclear operations.

Iranian security personnel are still in the process of investigating the Stars computer worm, Brigadier General Gholam-Reza Jalali, told Iran's Mehr News Agency. The Associated Press quoted him as calling the malware an “espionage virus” that targeted undisclosed computer systems in his country.

“Certain characteristics about the Stars worm have ben identified, including that it is compatible with the (targeted) system and that the damage is very slight in the initial state, and it is likely to be mistaken for executable files of the government,” said Jalali, who heads Iran's Passive Defense Organization, a military unit in charge of combatting sabotage.

Jalali's claim follows the discovery in July of a worm that targeted SCADA, or supervisory control and data acquisition, computer systems throughout the world. Many researchers who have studied the so-called Stuxnet worm claim it was designed to sabotage Iran's nuclear facilities by causing centrifuges used in uranium enrichment to operate at unsafe speeds. The New York Times has said the highly sophisticated malware was jointly engineered by the US and Israel.

Last week, Jalali repeated claims that the US and Israel were behind the attack and went on to say those countries got help from German engineering firm Siemens, which built the industrial control system that was sabotaged by Stuxnet.

Jalali and other Iranian officials have said that Stuxnet managed to affect a limited number of Iran's centrifuges but that damage was contained after the discovery.

“It must be taken into consideration that (the fact that we dealt with) Stuxnet does not mean that the threat has been completely eliminated since worms have specific life cycles and can continue their activities in other forms,” Mehr quoted him as saying. “Therefore the country should prepare itself to tackle future worms since future worms, which may infect our systems, could be more dangerous than the first ones.”

There's no evidence researchers outside of Iran have examined the new worm.

“We can't tie this case to any particular sample we might already have,” F-Secure researcher Mikko Hypponen wrote in a blog post published Monday. “We don't know if this is another cyber attack launched by (the) US government. We don't know if Iran officials have just found some ordinary Windows worm and announced it to be a cyber war attack.” ®

Remote control for virtualized desktops

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Home Office: Fancy flogging us some SECRET SPY GEAR?
If you do, tell NOBODY what it's for or how it works
Syrian Electronic Army in news site 'hack' POP-UP MAYHEM
Gigya redirect exploit blamed for pop-rageous ploy
prev story

Whitepapers

Seattle children’s accelerates Citrix login times by 500% with cross-tier insight
Seattle Children’s is a leading research hospital with a large and growing Citrix XenDesktop deployment. See how they used ExtraHop to accelerate launch times.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Business security measures using SSL
Examines the major types of threats to information security that businesses face today and the techniques for mitigating those threats.