scorecard
  1. Home
  2. Military & Defense
  3. 'Complete takeover': Israel unleashed one of the world's most sophisticated cyber weapons on the Iran talks

'Complete takeover': Israel unleashed one of the world's most sophisticated cyber weapons on the Iran talks

'Complete takeover': Israel unleashed one of the world's most sophisticated cyber weapons on the Iran talks

iran talks kerry

REUTERS/Ruben Sprich

U.S. Secretary of State John Kerry looks out of his room at the Beau Rivage Palace Hotel during a break during the Iran nuclear program talks in Lausanne April 1, 2015.

The computers in three luxury hotels that hosted high-stakes negotiations on Iran's nuclear program were infected with an improved version of one of the world's most powerful computer viruses, The Wall Street Journal reports.

The discovery of the Duqu virus - a collection of malware used primarily for sensitive intelligence-collection operations - by cybersecurity firm Kaspersky Lab ZAO provides the first solid evidence that Israel had in fact been spying on the talks, a suspicion that was first reported in March 2014.

Kaspersky has not officially named Israel as the source of the attack. But the uncovered virus "was so complex and borrowed so heavily from Duqu that it 'could not have been created by anyone without access to the original Duqu source code," according to the Journal and Kaspersky's report.

Duqu - and malware linked to it - has been used by Israel to spy on Iran in the past, copying blueprints of Iran's nuclear program. The malware has a variety of functions to suck up information.

"Since Duqu uses root capabilities and exploits vulnerabilities that allows for an elevation of privileges, Duqu can be used to install other code that can keystroke log, record conversations, record video, extract files, track any activity that occurs on the infected Windows PC or laptop," Jeff Bardin, chief intelligence officer of Treadstone 71, told Business Insider. "This includes the capturing of user ids, passwords, and sensitive files."

Iran Nuclear Plant

Raheb Homavandi/REUTERS

A security official stands in front of the Bushehr nuclear reactor, 1,200 km (746 miles) south of Tehran, August 21, 2010.

In 2012, Kasperskpy told The New York Times that that it believed that Duqu was created by the same state-sponsored program as the Stuxnet and Flame viruses, which also targeted Iran's nuclear program.

Stuxnet, a joint U.S.-Israel project, is known for reportedly destroying roughly a fifth of Iran's nuclear centrifuges by causing them to spin out of control. Flame is a massive program that leaves a backdoor (i.e. Trojan) on computers through which it sucks information from networks by actions Bardin described as functions of Duqu.

"Once the [Duqu] code is installed, most anti-virus software cannot detect or remove this malware," Bardin said. "Duqu allows for the complete takeover of the target Windows devices."

kerry zarif

REUTERS/Ronald Zak/Pool

Kerry (L) and Iranian Foreign Minister Javad Zarif (R) are pictured before a meeting in Vienna November 23, 2014.

After intercepting communications between Israeli officials early last year, the White House suspected that Israel had been spying on the negotiations to gather sensitive information that it could then reveal to Congress in the hopes of sinking the deal.

The administration did not elaborate on the tactics used, however, saying only that Israeli officials couldn't have possibly known certain details surrounding the talks without actually being in the room.

Kaspersky researchers were alerted to Duqu's resurgence after detecting the virus in their own system earlier this year - it had been there, Kaspersky believes, for at least six months.

The FBI is investigating Kaspersky's claims, according to the Journal. The firm has declined to name the three European hotels that were targeted.

Nuclear talks were held at the Beau-Rivage Palace in Lausanne, Switzerland, the Intercontinental in Geneva, the Palais Coburg in Vienna, the Hotel President Wilson in Geneva, the Hotel Bayerischer Hof in Munich and Royal Plaza Montreux in Montreux, Switzerland.

NOW WATCH: Why Putin is the most powerful man in the world

READ MORE ARTICLES ON




Advertisement