An email virus spread throughout the Atomic Energy Organization of Iran (AEOI) closing down the “automation network” all while blaring AC/DC’s “Thunderstruck” at maximum volume. Citing an e-mail posted on F-Secure Security Labs website:
“I am writing you to inform you that our nuclear program has once again been compromised and attacked by a new worm with exploits which have shut down our automation network at Natanz and another facility Fordo near Qom.
According to the email our cyber experts sent to our teams, they believe a hacker tool Metasploit was used. The hackers had access to our VPN. The automation network and Siemens hardware were attacked and shut down. I only know very little about these cyber issues as I am scientist not a computer expert.
There was also some music playing randomly on several of the workstations during the middle of the night with the volume maxed out. I believe it was playing ‘Thunderstruck’ by AC/DC.”
Mikko Hypponen, chief security officer at F-Secure Security Labs and the person involved in the correspondence, said he received three e-mails on July 22 from an individual with an aeoi.org.ir e-mail address, receiving replies after he responded. After researching the person’s name on the internet, Hypponen said he found:
“plenty of nuclear science papers and articles published by someone with this name. I can’t confirm that the person was who he said he was. And I can’t confirm any of the things he said actually happened. But I can confirm I was emailing with someone who had access to an aeoi.org.ir address.”
F-Secure Security Labs is involved in analyzing viruses, spyware and spam attacks, according to its website.
