Yesterday, the security research group F-Secure received a puzzling email claiming to be from a nuclear scientist with the Atomic Energy Organization of Iran (AEOI). In it, the author claimed that the country’s nuclear facilities were once again under attack. Only this time, the hackers brought Angus Young along for the ride.
F-Secure’s Mikko Hypponen said that a strange new chapter in the ongoing strife over Iran’s nuclear activities may be unfolding. He posted the following email which, although he cannot confirm the veracity of the claims, he does say came from within the AEOI. It reads:
I am writing you to inform you that our nuclear program has once again been compromised and attacked by a new worm with exploits which have shut down our automation network at Natanz and another facility Fordo near Qom.
According to the email our cyber experts sent to our teams, they believe a hacker tool Metasploit was used. The hackers had access to our VPN. The automation network and Siemens hardware were attacked and shut down. I only know very little about these cyber issues as I am scientist not a computer expert.
There was also some music playing randomly on several of the workstations during the middle of the night with the volume maxed out. I believe it was playing ‘Thunderstruck’ by AC/DC.