Spyware tainted Iran talks site
Virus similar to one Israel is suspected of producing
A cyber-spy program was found in computers at European hotels and other sites that hosted Iran nuclear talks in the past year, according to computer security firm Kaspersky Lab.
Although Kaspersky would not identify the nation behind the spyware, computer experts see similarities to one Israel is suspected of producing, Wired technology magazine said Wednesday.
The spyware delivered “a huge list of capabilities” to the Iran talks sites, said Kurt Baumgartner, principal security researcher at Kaspersky. The list included the ability to monitor communications over hotel Wi-Fi, interact with surveillance cameras and monitor audio equipment.
Kaspersky said it first found the program spying on its own network. When it investigated other computers infected by the same virus, it discovered the spyware where negotiators from Iran, Germany and U.N. Security Council members worked on a deal to limit Iran’s nuclear program in return for lifting economic sanctions.
The software is a more sophisticated version of spyware known as Duqu, similar to the Stuxnet attack that sabotaged Iranian nuclear sites in 2010, Wired said. Computer security experts widely believe Stuxnet was developed by a U.S.-Israeli team.
Wired said various researchers suspect that Israel alone created the first version of the Duqu virus. Kaspersky has not said who it suspects created Duqu 2.0, except to say a nation-state appears to be behind the attack. Kaspersky said it believes the spyware was developed by the same team that produced the previous version.
The Israeli government, an outspoken opponent of the emerging nuclear deal with Iran, has never commented on allegations it has engaged in cyberattacks. The nuclear negotiations face a June 30 deadline for a deal.
Baumgartner said the group that developed Duqu 2.0 made it hard to trace. “In terms of exact data they were collecting and how they went about doing that, we aren’t providing those details at this time because there are law enforcement agencies conducting investigations,” he said.
Wired described it as “a case of the watchers watching the watchers who are watching them.”