VirtualThreat Contributing Writer
Hacked Iranian Nuclear Plants Play Heavy Metal Music by AC/DC.
It seems the Iranian government has been busy retaliating after a barrage of recent cyber attacks targeting the computers within the country’s nuclear program. First there was Stuxnet, a malicious piece of malware that targeted the actual control systems for Iran’s nuclear equipment. Next came Flame, one of the most complex pieces of malware ever found. This virus included the ability to spy on a victim by activating the target computer’s microphone and web camera. Both of these attacks were rumored to have had U.S. government involvement. In March (2012) Iran was hit with an interesting attack to say the least.
Computer systems within Iran’s nuclear program were hit by a virus that forced them to play “Thunderstruck”, a song by heavy metal rock band AC/DC. The song would play at full volume, in the middle of the night, through speakers connected to the victim computers.
A researcher at the security firm F-Secure, Mikko Hypponen, blogged that an Iranian Atomic Energy Organization scientist had written an email to him confirming the attack and stating “I am writing you to inform you that our nuclear program has once again been compromised and attacked by a new worm with exploits which have shut down our automation network at Natanz and another facility Fordo near Qom.” The email went on to say that Iranian cyber experts believed the hackers may have used a penetration tool called the Metasploit Framework.
Metasploit can be used by security professionals to test the vulnerability of computer systems in order to protect them or it can be used as a weapon by hackers to break into remote systems. Like many information security tools, Metasploit can be used for both legitimate and unauthorized activities.
Metasploit’s website says the Metasploit Framework “simplifies network discovery and vulnerability verification for specific exploits, increasing the effectiveness of vulnerability scanners … prioritize remediation and eliminate false positives, providing true security risk intelligence”
You have to give the hackers credit for creativity on this attack. I’m betting the Iranian nuclear employees just about wet their pants when AC/DC came through their speakers and started shredding at full volume in the middle of the night 🙂