Iran Fights Off Duqu Malware Attack

The Islamic Republic of Iran has publicly confirmed that its computer systems were targeted by the Duqu worm, but claims to have successfully “controlled” the attack.

The admission came in an official Iranian statement, and it is not clear at the time of writing whether Duqu also struck Iran’s nuclear facilities.

“We are in the initial phase of fighting the Duqu virus,” Brigadier General Gholamreza Jalali, the head of Iran’s civil defence programme, was widely quoted as saying.

Attack Controlled

But Iran also claimed that it had found a way to “control” Duqu.

“The software to control the (Duqu) virus has been developed and made available to organisations and corporations” in Iran, Jalali told the official Iranian IRNA news agency.

“The elimination (process) was carried out and the organisations penetrated by the virus are under control … The cyber defence unit works day and night to combat cyber attacks and spy (computer) virus,” he said, adding that a final report into the attack was being organised.

Third Malware Attack

This is not the first time that Iran has been attacked by malware. The best known previous attack was with the Stuxnet worm, which compromised several industrial control systems at Iran’s Natanz nuclear facility last year.

Security firm Symantec has revealed that Duqu is similar to Stuxnet, which is capable of attacking and crippling industrial control systems made by German industrial giant Siemens. Last month Indian authorities seized hard drives from a server linked with the Duqu worm.

Stuxnet was considered one of the most sophisticated pieces of malware ever developed, and observers believe Iran’s nuclear program was set back a number of years by the malware attacks.

After Stuxnet, in April 2011 officials said the country’s facilities had been targeted again by a second piece of malware dubbed “Stars”.

Malware Author

Speculation has been ongoing about who actually developed Stuxnet, Stars, and Duqu, and whether a nation state was behind the worm. Duqu takes advantage of a previously unknown Microsoft Windows kernel zero-day vulnerability so that it can plant malicious code in the heart of a computer system. Microsoft has subsequently issued a temporary Duqu workaround.

In January the New York Times reported that US and Israeli intelligence services had collaborated to develop Stuxnet in order to sabotage Iran’s efforts to make a nuclear bomb.

Whatever the truth, the malware attacks come at a time of heightened tension with Iran. A report last week from the International Atomic Energy Agency said that there was “credible evidence” that there were “military dimensions” to Iran’s atomic activities.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...
