Gholam-Reza Jalali, the director of Iran’s Passive Defense Organization has announced that it has detected a new worm called Stars which is designed to spy on Iran’s government systems. Jalali did not reveal what facilities the worm targeted or when it was first detected.
These new revelations come in the wake of Stuxnet, the first ever malware designed to attack industrial equipment. Specifically it targets Siemens’ Supervisory Control And Data Acquisition (SCADA) software used to control and monitor industrial processes and has the ability to reprogram Siemens’ Simatic PLCs (programmable logic controllers). It is reported that such equipment is used by Iran at its Natanz nuclear facility.
Last week Jalali accused Siemens of helping the U.S. and Israel create the Stuxnet worm saying they should “explain why and how it provided the enemies with the information about the codes of the SCADA software and [so] prepared the ground for a cyber attack.”
Could Stars be just an “ordinary” Windows worm which Iran have mistaken as a cyber attack? Every day security experts find thousands of new malware samples, many of which are designed for spying on victims’ computers.