Stuxnet worm rampaging through Iran: IT official
The Stuxnet worm is mutating and wreaking further havoc on computerised industrial equipment in Iran where about 30,000 IP addresses have already been infected, IRNA news agency reported on Monday.
“The attack is still ongoing and new versions of this virus are spreading,” Hamid Alipour, deputy head of Iran’s Information Technology Company, was quoted as saying by IRNA, Iran’s official news agency.
Stuxnet, which was publicly identified in June, was tailored for Siemens supervisory control and data acquisition, or SCADA, systems commonly used to manage water supplies, oil rigs, power plants and other industrial facilities.
The self-replicating malware has been found lurking on Siemens systems mostly in India, Indonesia and Pakistan, but the heaviest infiltration appears to be in Iran, according to researchers.
The hackers, who enjoyed “huge investments” from a series of foreign countries or organisations, designed the worm to exploit five different security vulnerabilities, Alipour said while insisting that Stuxnet was not a “normal” worm.
He said his company had begun the cleanup process at Iran’s “sensitive centres and organisations,” the report said.
Analysts say Stuxnet may have been designed to target Iran’s nuclear facilities. But Iranian officials have denied the Islamic republic’s first nuclear plant at Bushehr was among the addresses penetrated by the worm.