Wednesday, June 10, 2015

Data-collecting spyware reportedly found at Iran nuclear talk venues

Data-collecting spyware reportedly found at Iran nuclear talk venues


BRIAN MURPHY 
10:26 AM

Data-siphoning spyware widely believed used by Israeli intelligence has been detected at venues used for nuclear talks with Iran, an Internet security firm said Wednesday, but the extent of possible security breaches was not immediately clear.

Moscow-based Kaspersky Lab said the virus detected is an upgraded version of the Duqu malware, which was first identified in 2011 and is believed to be related to theStuxnet computer worm that in 2010 infiltrated the systems at Iran’s uranium-enrichment sites and caused significant setbacks.

Iran blamed the Stuxnet attack on Israel and the United States, but the virus’s origins remain unclear. Duqu is a remote-access Trojan virus that collects information, which could be used for intelligence or to probe further weaknesses in computer defenses.

[Another worry: A virus named Regin]

Fears of Web-based espionage — and measures to counter it — have received increasing attention from government and military leaders around the world. Last year, U.S. officials said Israel appeared to be spying on the nuclear talks, which seek to limit Tehran’s nuclear program in exchange for easing sanctions. 

Negotiators from Iran and world powers are pushing to reach an accord before a self-imposed June 30 deadline, but some envoys have suggested the talks could be extended.

There was no immediate comment on the report from U.S. officials or other nations involved in the nuclear talks. There also was no reaction from Israel, which has never confirmed or denied the suspected links to Stuxnet and other malware.

The Kaspersky report gave no specific details about the reach of the Duqu virus at the sites of the negotiations, which have been held recently in Zurich but also have been conducted at lower levels in Vienna and elsewhere. 

Kaspersky did not specifically identify any country linked to the virus, which it dubbed “Duqu 2.0.” But many Internet security experts in the past have said Duqu and Stuxnet appear developed and deployed by Israel.

Kaspersky said the Duqu 2.0 malware also was found in networks related to events in January to mark the 70th anniversary of the liberation of the Auschwitz-Birkenau concentration camp.

No comments:

Post a Comment