Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Iran attacked by prank 'AC/DC' malware, expert reports

Hoax or malevolent statement of musical taste?

Article comments

Iran's nuclear programme might recently have been attacked by unidentified malware that played Thunderstruck by Anglo-Australian heavy metal band AC/DC as part of its programmed behaviour, a security expert has reported.

News of the unlikely-sounding 'worm' was sent in an email to well-known F-Secure chief research officer, Mikko Hypponen from an unamed source claiming to be an Iranian nuclear scientist.

“I am writing you to inform you that our nuclear program has once again been compromised and attacked by a new worm with exploits which have shut down our automation network at Natanz and another facility Fordo near Qom,” said the mysterious source.
“According to the email our cyber experts sent to our teams, they believe a hacker tool Metasploit was used. The hackers had access to our VPN. The automation network and Siemens hardware were attacked and shut down. I only know very little about these cyber issues as I am scientist not a computer expert,” the message continued.

The Thunderstruck track played randomly on several workstations at maximum volume in the middle of the night, the source added.

Hypponen expressed scepticism about the claim although the email had come from a verified address within the Atomic Energy Organisation of Iran (AEOI), he confirmed.

An elaborate hoax or a sign that Iran's enemies have a sense of humour and a taste for heavy metal? “I'm not sure what to think about this,” said Hypponen in fence-sitting mode.

On the face of it, a Trojan good enough to penetrate the systems of Iran's nuclear programme would be unlikely to advertise its presence by playing loud music.

Could it be a third-party malware programme that somehow sneaked on to the systems by accident? Again unlikely; criminal malware never advertises its presence and such malware behaviour would have been reported in other countries.

One possibility is that it was written by someone closer to the programme as an act of prankish subversion – or it doesn't exist and the whole email was concocted as a joke.

Iran has, as everyone now knows, been struck in recent times by several pieces of sophisticated malware, including Stuxnet in the years to 2010, Duqu in 2011 and Flame until 2012.

Can the world add the 'Thunderstruck attack' to that list? We will probably never know but it might serve as some advertising for the band's next scheduled tour. As for Hypponen, he is probably regretting ever mentioning it.


More from Techworld

More relevant IT news


Shahab78 said: Do you really think an Iranian Nuclear scientist would send an email to F-Secure telling them about the Nuclear facilities and the problems they are having and tells them I dont know about this stuff well think twice

Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *