Iran says thwarted Dino malware attack on country’s sensitive centers
Baku, Azerbaijan, July 5
By Umid Niayesh - Trend:
Iran confirms that a spy malware called Dino was targeting sensitive centers inside the country since one and a half years ago.
After the malware was discovered, the Computer Emergency Response Team Coordination Center(CERTCC) which is subset of the Information and Communication Technology(ICT) sent a secret report to the country's officials on the issue, Masoud Biglarian, head of the CERTCC said.
"We took appropriate measures to prevent damage to the strategic centers of the country by Dino," Biglarian said, Iran's Mehr news agency reported July 5.
He further said that Dino is a type of Spyware such as Stuxnet which is designed for specific purposes and launches targeted attacks.
He rejected claims that the malware infected some sensitive centers inside the country.
Last week some western media outlets reported that Dino malware which searches for specific data and steals it has infected some organizations inside Iran.
Bratislava, Slovakia based security firm ESET's researchers have identified the sophisticated Dino Trojan that attacked Iranian and Syrian subjects in 2013 while rumor is that the group is a secret wing of the French Intelligence service.
Dino was supposedly created by the so-called Animal Farm Group, which also created other Trojans like Bunny, Casper and Babar. Casper malware's claim to fame is that it was involved in a large-scale attack on computer systems in Syria last fall.
ESET claims that "Dino's main goal seems to be the exfiltration of files from its targets".
Wide-scale cyber attacks on Iranian facilities started in 2010 after the US and Israel reportedly tried to disrupt the operation of Iran 's nuclear facilities through a worm that later came to be known as Stuxnet.
US intelligence officials revealed in June 2013 that the Stuxnet malware was not only designed to disrupt Iran 's nuclear program, but was part of a wider campaign directed from Israel that included the assassination of the country's nuclear scientists.
Stuxnet is the first discovered worm that spies on and reprograms industrial systems. It is specifically written to attack SCADA systems that are used to control and monitor industrial processes.
In September 2013, the Islamic Republic said that the computer worm of Stuxnet infected 30,000 IP addresses in Iran, but it denied the reports that the cyber worm had damaged computer systems at the country's nuclear power plants.
Follow the author on Twitter: @UmidNiayesh