Iranian nuclear facilities have reportedly been attacked by a “music” virus, turning on lab PCs at night and blasting AC/DC’s “Thunderstruck.”
Mikko Hypponen, Chief Researcher at Finnish digital security firm F-secure, publicly released a letter he received from an unnamed Iranian scientist. The researcher, who claimed to work for the Atomic Energy Organization of Iran (AEOI), said that another virus has struck the Natanz uranium enrichment facility in central Iran and a secret underground research facility at Fordo, southwest of Tehran.
The letter’s author reported that the virus shut down equipment (made by Germany’s Siemens Corporation) and automated systems at both research centers.
Hypponen published the letter on his blog, but cautioned that there is no way for him to verify the accusations. He was able to confirm, however, that the letter did originate from the AEOI’s servers.
The letter, which was reportedly sent to various cybersecurity experts, said that Metasploit’s Penetration Testing Software had been used to direct this new attack on Iran’s nuclear facilities.
The scientist stressed that he is not a cybersecurity specialist, and does not have detailed information on the virus.
“There was also some music playing randomly on several of the workstations during the middle of the night with the volume maxed out. I believe it was playing ‘Thunderstruck’ by AC/DC,” the scientist wrote.
If true, this attack is the third hacking attempt aimed at Tehran’s controversial nuclear program. In 2010, the state-of-the-art Stuxnet virus set Iran’s nuclear ambitions back by at least two years.
In May 2012, experts at Russia’s Kaspersky Laboratories exposed another Trojan virus called Flame, which was designed to spy on web activity in Iran and some Middle Eastern countries. Russian cybersecurity experts labeled Flame “probably the most complicated virus ever.”
Iran claimed to have found a way to neutralize Flame.