Tag: computer virus

Stuxnet is only the tip of the iceberg

Stuxnet, the world-famous computer worm that destroyed Iran’s centrifuges at the Natanz uranium enrichment plant, was only one part of a much larger operation. Nitro Zeus, as the plan was known internally, was to target Iran’s communications systems, key parts…

New wiper virus targets Iranian computers

AFP Photo/Behrouz Mehri
Iran has been subjected to another attack by a virus capable of wiping the data on infected PCs. Antivirus experts suggest the virus has been active for at least two months and expect the next attack to take place during January, 2013.
­Iran’s Maher Computer Emergency Response Team Coordination Center has issued a warning, cautioning that the new malware continuously erases data from the hard disk drives, despite the simplicity of design and functionality, as it slips into the PC without being detected by the antivirus and anti-malware programs.
The Maher Center said the malware’s installer, also known as the dropper, is called GrooveMonitor.exe, believed to be named that way as a disguise associated with a legitimate Microsoft Office 2007 document feature called Microsoft Office Groove.
Dubbed the Batchwiper, the virus erases drive partitions starting with the letters D through I on Windows operating system, in addition to files stored on the user’s desktop.

Iran under mysterious ‘Flame’ Cyber attack

By News Max Security experts have discovered a highly sophisticated computer virus in Iran and other Middle East countries that they believe was deployed at least five years ago to engage in state-sponsored cyber espionage. Evidence suggest that the virus, dubbed Flame, may have been built on behalf of the same nation or nations that commissioned the Stuxnet worm that attacked Iran’s nuclear program in 2010, according to Kaspersky Lab, the Russian cyber security software maker that claimed responsibility for discovering the virus.

Kaspersky researchers said on Monday they have yet to determine whether Flame had a specific mission like Stuxnet, and declined to say who they think built it.

Iran has accused the United States and Israel of deploying Stuxnet.

Cyber security experts said the discovery publicly demonstrates what experts privy to classified information have long known: that nations have been using pieces of malicious computer code as weapons to promote their security interests for several years.

The Hydrogen Bomb of Cyberwarfare?

Aug. 11, 2011: A computer forensic examiner looks for evidence on hard drives at the Department of Defense Cyber Crime Center in Linthicum, Md.

If the Stuxnet virus was the atom bomb of cyberwarfare, then the discovery this week of the “Duqu” virus is the hydrogen bomb, security experts are warning.

It is the second major weaponized virus to turn computers into lethal weapons with devastating destructive power.

The new program, discovered by Symantec on Tuesday with the help of an unnamed research lab, uses much of the same code as the 2010 Stuxnet virus did. But instead of destroying the systems it infects, Duqu secretly penetrates them and, according to some experts, creates “back door” vulnerabilities that can be exploited to destroy the networks at any time its creators may choose.

1000 centrifuges may have been destroyed


Malicious computer virus accelerated, wrecked motors and may have decommissioned uranium enrichment centrifuges, think tank concludes.
The Stuxnet virus that has infected Iran’s nuclear installations may have been behind the decommissioning of 1,000 centrifuges at the Natanz uranium enrichment facility earlier this year, according to a new analysis of the malicious software.

Prepared by the Washington-based Institute for Science and International Security, the paper raised the possibility that the reported breakage of 1,000 centrifuges was caused by the virus.

According to the paper, the timing of the removal of 1,000 centrifuges was consistent with a statement made last month by Ali Akbar Salehi, then-head of Iran’s Atomic Energy Organization and recently appointed as the country’s foreign minister, who confirmed in an interview: “One year and several months ago, Westerners sent a virus to [our] country’s nuclear sites.”

Computer worm attacks Irans nuclear power plant

Foreign media has speculated that the worm is aimed at disrupting the Bushehr nuclear plant [EPA]

Iran’s nuclear agency is trying to combat a complex computer worm that has affected industrial sites throughout the country and is capable of taking over the control systems of power plants, Iranian media reports have said.

Experts from the Atomic Energy Organisation of Iran met this week to discuss how to remove the malicious computer code, or worm, the semi-official Isna news agency reported on Friday.

No damage or disruption of nuclear facilities has yet been reported, however.

The computer worm, dubbed Stuxnet, can take over systems that control the inner workings of industrial plants.