Today The Wall Street Journal reported that Moscow-headquartered cybersecurity firm Kaspersky Lab ZAO “discovered it had been hacked last year by a virus widely believed to be used by Israeli spies.” The malware, Kaspersky learned, could be pinned to three hotels—the firm’s clients—where negotiations over Iran’s nuclear program took place. Kaspersky’s director of global research and analysis, Costin Riau, does not know what was stolen, WSJ reports:
He said the virus was packed with more than 100 discrete “modules” that would have enabled the attackers to commandeer infected computers. One module was designed to compress video feeds, possibly from hotel surveillance cameras. Other modules targeted communications, from phones to Wi-Fi networks. The attackers would know who was connected to the infected systems, allowing them to eavesdrop on conversations and steal electronic files. The virus could also enable them to operate two-way microphones in hotel elevators, computers and alarm systems. In addition, the hackers appeared to penetrate front-desk computers. That could have allowed them to figure out the room numbers of specific delegation members.
Though Israel was not officially named by Kaspersky, the virus “could not have been been created by anyone without access to the original Duqu source code,” the report said, which the newly discovered malware is an improvement over. Duqu is an intelligence-gathering tool that was “used to copy blueprints of Iran’s nuclear program,” reported the New York Times in 2012.
Previous: Stuxnet Hits Russia, Nazi-Looted Art Online
Daybreak: That Answers The Stuxnet Question
Stuxnet Is the Bomb
How Stuxnet Came To Be
Confirmed: Stuxnet Targeted Iran
New Computer Virus Is Part of Absurd Plotline
With ‘Flame,’ Israel Is Playing With Fire