Posts Tagged Iran

Iran threatens cyber-attackers with ‘teeth-breaking’

DUBAI: The United States will face a “teeth-breaking” response if it continues to carry out cyber attacks against Iran, an Iranian official said on Wednesday.

Iran has previously accused the United States and its allies of trying to sabotage its disputed nuclear programme by using computer worms like Stuxnet, which caused centrifuges at the country’s main enrichment facility to fail in 2010.

“If the Americans’ futile cyber attacks do not stop, it will face a teeth-breaking response,” the Iranian Students’ News agency quoted an unnamed cyber security official as saying. He gave no further details.

Last month, Iran said it had detected plans by the United States, Israel and Britain to launch what it said was a massive cyber strike, after diplomatic efforts to curb Tehran’s nuclear programme broke down.

Western powers believe Iran wants to produce atomic bombs, a charge Tehran denies. It says it only wants the technology to generate medical isotopes to treat cancer patients.

The United States and the European Union have imposed tough sanctions on Iran, including an oil embargo, which have severely weakened its currency and driven up inflation.

, , , ,

Leave a comment

Flame virus linked to Stuxnet: Researchers

WASHINGTON: The Flame computer virus which has been raging in the Middle East has strong links to Stuxnet, a malware program widely believed to have been developed by the United States or Israel, a security firm said Monday.

Kaspersky, the Russian computer security firm credited with discovering Flame last month, said its research shows the two programs share certain portions of code, suggesting some ties between two separate groups of programmers.

Kaspersky researcher Alexander Gostev said in a blog post that a first examination made it appear the two programs were unrelated.

“But it turns out we were wrong,” he wrote. “Our research unearthed some previously unknown facts that completely transform the current view of how Stuxnet was created and its link with Flame.”

Gostev said Flame, even though it was discovered just recently, appears to predate Stuxnet, which was created in 2009.

“By the time Stuxnet was created (in January-June 2009), the Flame platform was already in existence (we currently date its creation to no later than summer 2008) and already had modular structure,” he said.

“The Stuxnet code of 2009 used a module built on the Flame platform, probably created specifically to operate as part of Stuxnet.”

This, he said, points to the existence of “two independent developer teams… (each) developing its own platform since 2007-2008 at the latest.”

Kaspersky, one of the world’s biggest producers of anti-virus software, said the Flame virus was “about 20 times larger than Stuxnet,” the worm which was discovered in June 2010 and used against the Iranian nuclear program.

High concentrations of computers compromised by Flame were also found in Lebanon, the West Bank and Hungary. Additional infections have been reported in Austria, Russia, Hong Kong and the United Arab Emirates.

Compromised computers included many being used from home connections, according to security researchers who were looking into whether reports of infections in some places resulted from workers using laptops while traveling.

Stuxnet was designed to attack computer control systems made by German industrial giant Siemens and commonly used to manage water supplies, oil rigs, power plants and other critical infrastructure.

Most Stuxnet infections have been discovered in Iran, giving rise to speculation it was intended to sabotage nuclear facilities there. The worm was crafted to recognize the system it was to attack.

Some reports say US and Israeli intelligence services collaborated to develop the computer worm to sabotage Iran’s efforts to make a nuclear bomb.

Johannes Ullrich, a researcher at the Washington-based SANS Technology Institute, said the relationship between the two viruses remains unclear.

“Flame did initially appear very different, and I still think it wasn’t written by the same group or individual that wrote Stuxnet,” Ullrich told AFP.

“However, this doesn’t mean that the two groups didn’t coordinate or share code with each other. I do think this may have been the case with Stuxnet and Flame… the code could have been written by two different contractors who worked for the same government and as a result had access to each other’s resources.”

, , ,

Leave a comment

Israel unleashes spyware virus on Iran, other countries

Jerusalem, May 29: An unprecedented “cyber espionage worm” considered the most sophisticated spyware virus yet may have been unleashed by Israel to hit Iran and other Middle Eastern countries, with the possible aim of crippling Tehran’s nuclear ambitions.
Security experts discovered the new data-stealing virus dubbed Flame which they say has lurked inside thousands of computers across the Middle East for as long as five years as part of a sophisticated cyber warfare campaign.
Russia-based Internet security company Kaspersky Lab that uncovered the virus ‘Flame’ said it has attacked computers in Iran and elsewhere in Middle East and may have been designed to collect and delete sensitive information.
Israeli vice Prime Minister Moshe Ya’alon’s comments justifying such a measure triggered speculations that Flame may have originated from his country.
“Anyone who sees the Iranian threat as a significant threat – it’s reasonable [to assume] that he will take various steps, including these, to harm it,” Ya’alon told the Army Radio in an interview today.
In Tehran, Iranian authorities admitted that the malicious software dubbed “Flame” has attacked its computer and systems and instructed to run an urgent inspection of all cyber systems in the country.
Iran’s MAHER Center, which is part of the Islamic Republic’s Communication ministry, said that the Flame virus “has caused substantial damage” and that “massive amounts of data have been lost,” Ynetnews reported.
But Iran’s telecommunications ministry also claimed that it had developed software to clean this malware. Kaspersky, one of the world’s biggest producers of anti- virus softwares, said the bug had infected computers in Iran, the West Bank, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.
Flame is “actively being used as a cyber weapon attacking entities in several countries,” Kaspersky said in a statement, describing its purpose as “cyber espionage”.
“The complexity and functionality of the newly discovered malicious programme exceed those of all other cyber menaces known to date,” the statement said.
The Internet security company also said that Flame contained a specific element that was used in the Stuxnet worm and which had not been seen in any other malware since.
On its blog, Kaspersky called Flame a “sophisticated attack toolkit,” adding that it was much more complex than Duqu, the vehicle used to deliver Stuxnet.
The Stuxnet bug, discovered in June 2010, targeted primarily Iranian computers.
Iran admitted that the worm had damaged centrifuges operating at an uranium enrichment facility at Nantaz.

, , , ,

Leave a comment