First there was Stuxnet, then there was Flame – cyberweapons allegedly designed by the U.S. along with Israel against Iran and their nuclear centrifuges. Now there are reports that Iran has been “Thunderstruck” by a new attack that makes the target computer play the hard rock song “Thunderstruck” by the Australian rock group AC/DC at full volume “maxed out”. The news comes from F-Secure’s security figure Mikko Hyponnen, who reports receiving a series of email from an Iranian scientist working at the Atomic Energy Organization of Iran (AEOI)
“I am writing you to inform you that our nuclear program has once again been compromised and attacked by a new worm with exploits which have shut down our automation network at Natanz and another facility Fordo near Qom.
According to the email our cyber experts sent to our teams, they believe a hacker tool Metasploit was used. The hackers had access to our VPN. The automation network and Siemens hardware were attacked and shut down. I only know very little about these cyber issues as I am scientist not a computer expert.
There was also some music playing randomly on several of the workstations during the middle of the night with the volume maxed out. I believe it was playing ‘Thunderstruck’ by AC/DC.”
Thus far there is no confirmation of such a worm other than this report. However if true it could mark a third known cyberattack and the sophistication of it in combination with the comedic element of playing the hard rock staple is simply fascinating. For one, the attack gained access to the VPN, and then shut down their network and Siemens hardware. Two, the infection is no longer designed to hide in the background, lurking and undetected. It is almost as though there is an element of boasting. Imagine if this was LulzSec or Anonymous that employed the “Thunderstruck” element. It would seem like the jovial pranks that have been exhibited in the past. Until more is confirmed however, we just don’t know if this one is real, it just seems too far-fetched.