October 1, 2016

Update: Stars Worm Probably Just Political Bluff

It is now a couple of days since Iran claimed it was under another cyber attack but so far it has not offered any proof or given security experts any information about the worm. Simple fingerprint  information about the worm would immediately validate Iran’s claims and also allow security experts to see if examples of the worm have been found in the west.

Investigations by Live Hacking have revealed that inside of Iran there is little or no information about this worm and even Iran’s Computer Emergency Response Team have no knowledge of the attack.

Since Stuxnet also infected PC’s outside of Iran it is impossible that the new Stars worm has remained only inside the borders of this middle eastern country. When (and if) Iran publish more data on the worm it can be analysed thoroughly. If they don’t published any more information this will just been seen as another attempt at political misdirection.

First Stuxnet, Now Stars – New Worm Attacks Iran

Gholam-Reza Jalali, the director of Iran’s Passive Defense Organization has announced that it has detected a new worm called Stars which is designed to spy on Iran’s government systems. Jalali did not reveal what facilities the worm targeted or when it was first detected.

These new revelations come in the wake of Stuxnet, the first ever malware designed to attack industrial equipment. Specifically it targets Siemens’ Supervisory Control And Data Acquisition (SCADA) software used to control and monitor industrial processes and has the ability to reprogram Siemens’ Simatic PLCs (programmable logic controllers). It is reported that such equipment is used by Iran at its Natanz nuclear facility.

Last week Jalali accused Siemens of helping the U.S. and Israel create the Stuxnet worm saying they should “explain why and how it provided the enemies with the information about the codes of the SCADA software and [so] prepared the ground for a cyber attack.”

Could Stars be just an “ordinary” Windows worm which Iran have mistaken as a cyber attack? Every day security experts find thousands of new malware samples, many of which are designed for spying on victims’ computers.