Iran Fights Off Duqu Malware Attack

The Islamic Republic of Iran has publicly confirmed that its computer systems were targeted by the Duqu worm, but claims to have successfully “controlled” the attack.

The admission came in an official Iranian statement, and it is not clear at the time of writing whether Duqu also struck Iran’s nuclear facilities.

“We are in the initial phase of fighting the Duqu virus,” Brigadier General Gholamreza Jalali, the head of Iran’s civil defence programme, was widely quoted as saying.

Attack Controlled

But Iran also claimed that it had found a way to “control” Duqu.

“The software to control the (Duqu) virus has been developed and made available to organisations and corporations” in Iran, Jalali told the official Iranian IRNA news agency.

“The elimination (process) was carried out and the organisations penetrated by the virus are under control … The cyber defence unit works day and night to combat cyber attacks and spy (computer) virus,” he said, adding that a final report into the attack was been organised.

Third Malware Attack

This is not the first time that Iran has been attacked by malware. The best known previous attack was with the Stuxnet worm, which compromised several industrial control systems at Iran’s Natanz nuclear facility last year.

Security firm Symantec has revealed that Duqu is similar to Stuxnet, which is capable of attacking and crippling industrial control systems made by German industrial giant Siemens. Last month Indian authorities seized hard drives from a server linked with the Duqu worm.

Stuxnet was considered one of the most sophisticated pieces of malware ever developed, and observers believe Iran’s nuclear program was set back a number of years by the malware attacks.

After Stuxnet, in April 2011 officials said the country’s facilities had been targeted again by a second piece of malware dubbed “Stars”.

Malware Author

Speculation has been ongoing about who actually developed Stuxnet, Stars, and Duqu, and whether a nation state was behind the worm, which takes advantage of a previously unknown Microsoft Windows kernel zero-day vulnerability, so it can plant malicious code in the heart of a computer system. Microsoft has subsequently issued a temporary Duqu workaround.

In January the New York Times reported that US and Israeli intelligence services had collaborated to develop Stuxnet in order to sabotage Iran’s efforts to make a nuclear bomb.

Whatever the truth, the malware attacks come at a time of heightened tension with Iran. A report last week from the International Atomic Energy Agency said that there was “credible evidence” that there were “military dimensions” to Iran’s atomic activities.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

View Comments

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago