Is it possible that Iran’s Atomic Energy Organisation has been hit with a new and bizarre malware attack?
The jury is still out on whether an e-mail purporting to come from an Iranian scientist, reporting an attack on the atomic facility, is for real.
Mikko Hypponen, chief research officer at F-Secure, received a series of mails over the weekend.
He writes on his blog that the mails were sent by a scientist working at the Atomic Energy Organisation of Iran (AEOI).
Hypponen has confirmed that the mails were indeed sent from within the AEOI.
They were apparently an attempt by the scientist to publish information about Iranian nuclear systems getting struck by yet another cyber attack.
The scientist wrote:
“I am writing you to inform you that our nuclear program has once again been compromised and attacked by a new worm with exploits which have shut down our automation network at Natanz and another facility Fordo near Qom.
“According to the email our cyber experts sent to our teams, they believe a hacker tool Metasploit was used. The hackers had access to our VPN. The automation network and Siemens hardware were attacked and shut down. I only know very little about these cyber issues as I am scientist not a computer expert.
“There was also some music playing randomly on several of the workstations during the middle of the night with the volume maxed out. I believe it was playing ‘Thunderstruck’ by AC/DC.”
Hypponen says he is “not sure what to think about this. We can’t confirm any of the details.”