Security expert: Iran and North Korea teaming up to fight malware like Duqu, Flame, Stuxnet

Iran and North Korea have been in bed together for a long time, but recently they threw off the covers for the whole world to see. At least one security expert thinks there is a malware angle here that is worth underlining.

At the start of this month, news broke that Iran and North Korea have strengthened their ties, specifically by signing a number of cooperation agreements on science and technology. The two states signed the pact on Saturday, declaring that it represented a united front against Western powers. Ayatollah Ali Khamenei, Iran’s Supreme Leader, told Kim Yong Nam, North Korea’s ceremonial head of state, the two countries have common enemies and aligned goals.

On Monday, security firm F-Secure weighed in on the discussion. The company believes Iran and North Korea may be interested in collaborating against government-sponsored malware attacks such as DuquFlame, and Stuxnet.

“It’s highly likely that one of the reasons for this co-operation is for them to work together regarding their cyber defence and cyber offense strategies,” F-Secure security chief Mikko Hypponen told V3. “Both of these countries have clear interest in improving their cyber capability. And both of them have massive armies. Iran and North Korea have both armies that are among the 10 largest in the world.”

For the uninitiated, Stuxnet is a highly sophisticated piece of malware discovered in June 2010. It initially spreads via Windows, eventually targeting Siemens industrial software and equipment. Different variants of Stuxnet targeted five Iranian organizations, with the probable target widely suspected to be uranium enrichment infrastructure in the country. Duqu, which was discovered in September 2011, is very similar to Stuxnet, is believed to be created by the same authors, and is also related to the nuclear program of Iran.

Flame is the most recent such state-sponsored malware, and was discovered in May 2012. It is being used for targeted cyber espionage in Middle Eastern countries, but infections have also been reported in Europe and North America. It attacks Windows computers and can spread to other systems over a LAN or via USB stick. Flame is capable of recording audio, screenshots, keyboard activity, network traffic, Skype conversations, and can even download contact information from nearby Bluetooth-enabled devices.

It has been widely speculated that Israel and the US have been involved in the development of at least one of these pieces of malware, and possibly all three.

Advertisements

Tags: ,

About Nlyten

I have always been a tech enthusiast, to the point where i have become an addict. Tech to me is crack; Always trying to get my fix every chance i get ! I have always loved sharing anything that fascinates me which again 90% of the time is about tech related content. I used to share content on Google Reader Shared pages (http://www.google.com/reader/shared/surdie) but after their not so brilliant idea to shut it down i felt i needed a new platform where i could share and distribute content and thats how Nlyten.com came about. So keep reading and get Nlyten ed !

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: