Iran (Next Media) – Kaspersky Lab say they have uncovered a sophisticated malware infection in venues that hosted high-level discussions surrounding Iran’s nuclear programme.
Duqu 2.0, an advanced espionage virus with links to Israel, is thought to have been used in a cyberattack on hotels where the P5+1 talks took place in Europe.
Kaspersky Lab explained that the malware exploits zero-day vulnerabilities. These attacks occur the same day a software weakness is discovered and before its creators can make a fix available via an update.
The malware modifies system rules, allowing it to spread within a network through files commonly used to install software on remote computers. Additionally, the malware doesn’t change any disk files or system settings, making it difficult to trace.
According to the Wall Street Journal, the malware contained modules designed to control infected computers and compress video feeds, possibly from surveillance cameras.
Additionally, the malware targets communication networks, including Wi-Fi and phones, allowing hackers to listen in on connected users and steal sensitive information.
SOURCES: Wall Street Journal, Kaspersky, Guardian