Iran claims national IT systems under renewed malware attack
Government claims second attack post Stuxnet
An Iranian government official has claimed that the country is being attacked by a new type of malware, dubbed Stars, in the wake of the earlier Stuxnet worm.
Iranian cyber security official Gholam-Reza Jalali told the Mehr news agency that Iran's cyber security team had discovered a worm which has been infiltrating government computer systems.
"Certain characteristics about the Stars worm have been identified, including that it is compatible with the (targeted) system and that the damage is very slight in the initial stage, and it is likely to be mistaken for executable files of the government," he said.
Jalali also accused the US and Israel of breaking international law by using the Stuxnet malware against the country's nuclear fuel generation systems.
Experts believe that Stuxnet was a government-designed piece of malware that may have disabled a quarter of the centrifuges Iran uses to produce nuclear fuels, something the Iranians deny.
"It must be taken into consideration that (the fact that we dealt with) Stuxnet does not mean that the threat has been completely eliminated, since worms have specific lifecycles and can continue their activities in other forms," he said.
"Therefore the country should prepare to tackle future worms since future worms, which may infect our systems, could be more dangerous than the first ones."
Security firms are in the dark about the Stars malware, as the Iranians have offered no samples to researchers and the name itself means very little, since they are assigned at random by the discoverer.
"Unfortunately, we can't tell you much about this Stars virus. As far as we know, we don't have a sample in our malware collection, and we would really need the Iranian authorities to share what they have seen with the anti-malware community so we can delve a little deeper," said Graham Cluley, senior technology consultant at Sophos.
"An MD5 checksum, for instance, would quickly help us ascertain if this is a sample of some malware that we've seen before."
Similarly Kaspersky Labs told V3.co.uk that the company could not comment, but had laboratory staff seeking traces of the malware.
V3 Latest
Latest Tesla news: Tesla stock price tanks amid reports of 'widening probe' by SEC and claims the base Model 3 loses money
SEC 'probe' takes its toll on Tesla as new research suggests that Tesla loses $6,000 on every $35,000 Model 3
Intel NUC latest news: Intel releases two new NUCs and five NUC kits
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC
Apple fanboy hacks company network - saves purloined files in folder called 'hacky hack hack'
'Notorious' Australian child hacker thought he had executed 'flawless' hack
Ex-employee accuses Tesla of spying on workers and ignoring drug cartel operating in Gigafactory
The former employee says that Tesla fired him for bringing the accusations to management internally
