Shadow Brokers leak links NSA to alleged US-Israeli Stuxnet malware that targeted Iran – RT

Published time: 17 Apr, 2017 17:26

Malicious computer malware that caused substantial damage to Irans nuclear program may be the work of the NSA, researchers burrowing into the latest leak from hacking group Shadow Brokers have discovered within the computer data.

A tool found in Fridays leak matched one used by the notorious Stuxnet malware.

First detected in 2010, Stuxnet is believed to be the joint work of the US and Israel; a claim that Edward Snowden backed up in a 2013 interview but which has never been acknowledged by either government.

Designed to target industrial control systems used in infrastructure facilities, Stuxnet modifies data on controller software affecting their automated processes.

Computer code found in last weeks leak from Shadow Brokers, alleged to have been stolen from the NSA, was also found to match that used in Stuxnet.

Officials, who spoke under anonymity to The Washington Post, said in 2012 that the worm, developed under George W.Bushs administration and continued under Barack Obamas, was designed to damage Irans nuclear capabilities.

When it infected Irans nuclear facility in Natanz, it reportedly destroyed a fifth of their centrifuges after causing them to spin out of control, all the while relaying readings back to technicians at the plant that operations were normal.

"There is a strong connection between Stuxnet and the Shadow Brokers dump," Symantec researcher Liam O'Murchu told Motherboard. "But not enough to definitively prove a connection."

A definite link will be almost impossible to prove as Stuxnets script was later copied and used in an open-source hacking toolkit, allowing it to be replicated numerous times online.

However, O'Murchu said the script found in Fridays leak was last compiled on September 9, 2010 - three months after Stuxnet was first identified and shortly before it was added to the hacking toolkit.

Also contained in the leak was ASCII art of a medal with the words Won the gold medal!!! above it. Stuxnet was reportedly given the codename Olympic Games.

Security architect Kevin Beaumont tweeted the results of an antivirus program check on the Shadow Brokers exploits leaked on Friday, which returned that it had detected Stuxnet.

The latest evidence against the NSA was contained in Fridays leak from Shadow Brokers, which also detailed hacks aimed at Windows PCs and the SWIFT network, used to process payment orders.

READ MORE: What the hack? The leaks that shaped 2016

Read more from the original source:
Shadow Brokers leak links NSA to alleged US-Israeli Stuxnet malware that targeted Iran - RT

Related Posts

Comments are closed.