Computer worm enabled spying on Iran talks

2015-06-10 23:39
Screen grab released by the Kaspersky Lab site shows a program of the computer virus known as Flame. (Kaspersky Lab, AFP)

Screen grab released by the Kaspersky Lab site shows a program of the computer virus known as Flame. (Kaspersky Lab, AFP)

Multimedia   ·   User Galleries   ·   News in Pictures Send us your pictures  ·  Send us your stories

Washington - A computer worm designed to gather foreign intelligence and widely linked to Israel was used to spy on negotiations with Iran on curtailing its nuclear programme, security researchers said on Wednesday.

A report by the Russian-based security firm Kaspersky Lab said it discovered the malware dubbed Duqu lurking in its own internal networks and linked the effort to intelligence gathering on the 2014-15 talks with Tehran.

Duqu, which was believed to have been eradicated in 2012, is a sophisticated spy tool similar to the Stuxnet virus.

"The Duqu threat actor went dark in 2012 and was believed to have stopped working on this project - until now," Kaspersky said in a blog post.

"Our technical analysis indicates the new round of attacks include an updated version of the infamous 2011 Duqu malware, sometimes referred to as the stepbrother of Stuxnet."

The Stuxnet computer virus, believed to have been developed by the United States or Israel in order to contain threats from Iran, dates back at least to 2007, according to researchers.

Kaspersky researchers said the latest version of Duqu was difficult to detect because it did not change any system settings on computer networks.

The researchers first found the malware on their own systems and then discovered it was targeting victims in Western countries, the Middle East and Asia.

Launched attacks

"Most notably, some of the new 2014-2015 infections are linked to the P5+1 events and venues related to the negotiations with Iran about a nuclear deal," the company said in a statement.

"The threat actor behind Duqu appears to have launched attacks at the venues where the high level talks took place."

In addition Duqu 2.0 was used to conduct surveillance on politicians and dignitaries attending the 70th anniversary event of the liberation of the Auschwitz-Birkenau concentration camp, according to Kaspersky.

"Besides intellectual property theft, no additional indicators of malicious activity were detected," the statement said.

"The analysis revealed that the main goal of the attackers was to spy on Kaspersky Lab technologies, ongoing research and internal processes. No interference with processes or systems was detected."

The Wall Street Journal, which reported the findings earlier on Wednesday, said Kaspersky's research backs its earlier reports that Israel was spying on the nuclear talks.

Read more on:    kaspersky lab  |  us  |  russia  |  israel

Join the conversation! encourages commentary submitted via MyNews24. Contributions of 200 words or more will be considered for publication.

We reserve editorial discretion to decide what will be published.
Read our comments policy for guidelines on contributions.
NEXT ON NEWS24X publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
Comments have been closed for this article.

Inside News24

Traffic Alerts
There are new stories on the homepage. Click here to see them.


Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.

Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire network.


Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.

Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.