{"id":15457,"date":"2012-09-18T06:38:16","date_gmt":"2012-09-18T05:38:16","guid":{"rendered":"http:\/\/rinf.com\/alt-news\/?p=15457"},"modified":"2012-09-18T06:38:16","modified_gmt":"2012-09-18T05:38:16","slug":"us-role-in-cyber-war-with-iran-may-be-larger-than-suspected","status":"publish","type":"post","link":"https:\/\/rinf.com\/alt-news\/sicence-technology\/us-role-in-cyber-war-with-iran-may-be-larger-than-suspected\/","title":{"rendered":"US Role In Cyber War With Iran May Be Larger Than Suspected"},"content":{"rendered":"

Michael Harper<\/a> | redOrbit<\/p>\n

Earlier this year, the Iranian nuclear program was attacked by a powerful and targeted form of cyber weaponry known as the Stuxnet Trojan. Then in May, a cyber-surveillance tool called Flame was uncovered and was later called \u201cthe most sophisticated cyber weapon yet unleashed\u201d by researchers at Kaspersky Labs. It was\u00a0later discovered<\/a>\u00a0that US military and intelligence agencies \u2014 including the CIA and NSA \u2014 had worked together with the Israeli military to craft this malicious software in an attempt to impede Iran\u2019s nuclear plans.<\/p>\n

Today,\u00a0Reuters reports<\/a>\u00a0that researchers have discovered three more computer viruses in the wild which were developed by the US military possibly for purposes of espionage and cyber warfare.<\/p>\n

These new findings are another indication that the US government plans to continue its pursuit of cyber warfare as an extension of national security, particularly where matters in the Middle East are concerned.<\/p>\n

Researchers from both Symantec Corp and Kaspersky Labs have say that they\u2019ve found evidence indicating that those behind the Flame project have also collaborated on at least three other pieces of malware which, though identified, have not yet been classified.<\/p>\n

These researchers found this information as the result of intensive forensic investigation of the control servers used in Flame. These servers were hidden to appear as publishing platforms for a service called \u201cNewsforyou.\u201d Later, the servers were programmed to erase any digital footprint that it may have left behind, making tracing this tool extremely difficult.<\/p>\n

According to the Kaspersky Labs\u00a0blog post<\/a>, the creators of this malware designed the UI to look as bland and boring as possible, so as to make it appear \u201cgeneric and unpretentious.\u201d<\/p>\n

\u201cThe C&C developers didn\u2019t use professional terms such as bot, botnet, infection, malware-command or anything related in their control panel,\u201d writes GReAT, a Kaspersky Lab expert on the SecureList blog. \u201cInstead they used common words like data, upload, download, client, news, blog, ads, backup etc. We believe this was deliberately done to deceive hosting company sys-admins who might run unexpected checks.\u201d<\/p>\n

According to the research, the Newsforyou servers were used to deliver 4 different types of malware: Flame as well as three programs labeled SP, SPE and IP. Neither Kaspersky nor Symantec has been able to find samples of either of the three other cases of malware.<\/p>\n

In fact, the two firms seem to disagree on what these three pieces of malware could be. Kaspersky believes SP, SPE and IP are espionage tools that are totally separate of Flame. Symantec, on the other hand, isn\u2019t yet sure if these are completely separate pieces of software or simply variations on Flame.<\/p>\n

\u201cWe know that it is definitely out there. We just can\u2019t figure out a way to actually get our hands on it. We are trying,\u201d said Vikram Thakur, a researcher for Symantec, in an interview with Reuters.<\/p>\n

The researchers were able to discover this new malware when about a dozen infected computers from Iran and Lebanon attempted to contact one of the command and control servers being watched by Kaspersky Labs.<\/p>\n

Though one of the computers uploaded a large file of data to the servers, the team at Kaspersky was unable to access it as it is locked down behind a password that appears to be virtually uncrackable.<\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

Michael Harper | redOrbit Earlier this year, the Iranian nuclear program was attacked by a powerful and targeted form of cyber weaponry known as the Stuxnet Trojan. Then in May, a cyber-surveillance tool called Flame was uncovered and was later called \u201cthe most sophisticated cyber weapon yet unleashed\u201d by researchers at Kaspersky Labs. It was\u00a0later […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,18],"tags":[34],"class_list":{"0":"post-15457","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-sicence-technology","7":"category-latest-news","8":"tag-iran"},"_links":{"self":[{"href":"https:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/posts\/15457","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/comments?post=15457"}],"version-history":[{"count":0,"href":"https:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/posts\/15457\/revisions"}],"wp:attachment":[{"href":"https:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/media?parent=15457"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/categories?post=15457"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/tags?post=15457"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}