Personal Computers Of Iranian Nuclear Plant Employees Infected By Stuxnet Worm

"An electronic war has been launched against Iran", Mahmoud Liayi, head of the information technology council at the ministry of industries, told the state-run Iran Daily newspaper. This, in response to reports that a sophisticated computer worm had infected the personal computers of staff at the country's first nuclear power station, the Bushehr plant, due to come on line in the coming weeks. Officials claim that the operating system at the plant has been unaffected by the Stuxnet worm, so sophisticated that it is believed to be the work of "a nation state".

Stuxnet targets systems made by the German company Siemens, these systems are typically used to manage water supplies, oil rigs, power plants and other utilities. The Iranians claim that computers operating on some 30,000 IP addresses within the country have been infected.

Western nations fears Iran's goal is to build nuclear weapons while Iranian officials says its programme is aimed solely at peaceful energy use.

Source: BBC

New iPhone Worm Targets Netherlands Users

A new worm detected that targets the iPhone is specifically directed at users in the Netherlands who use their device to do online banking with Dutch online bank ING Direct according to security company F-Secure.

"It's the second iPhone worm ever and the first that's clearly malicious - there's a clear financial motive behind it," F-Secure research director Mikko Hypponen told the BBC.

"It's fairly isolated and specific to Netherlands but it is capable of spreading."

The worm again attacks iPhones which have been "jail-broken" and have SSH (secure shell), a file-transfer program that enables users to remotely connect to their phones, installed.

I wonder how long it will be before we see Microsoft adds poking fun at iPhone's security? "I'm a Windows Mobile, and I'm a iPhone OS"

iPhone/iPod Touch Owners Rickrolled By ikee Worm

A self-propagating program believed to be the first iPhone worm, that changes an iPhone's (or iPod Touch's) wallpaper to a picture of Rick Astley with the message "ikee is never going to give you up", has been unleashed in Australia. Known as "ikee" the worm only affects devices that have been jail-broken, have had SSH installed (a program that allows users to make changes to the phone's file system), and who's owners have not changed the default root password after installing SSH.

"What's clear is that if you have jail-broken your iPhone or iPod Touch, and installed SSH, then you must always change your root user password to something different than the default, 'alpine'," wrote Graham Cluley of security firm Sophos.

"In fact, it would be a good idea if you didn't use a dictionary word at all."

Source: BBC

Microsoft Releases Free Antivirus In 4 Countries

Microsoft Security Essentials beta, a free antivirus software, was available for download on Tuesday to those running Windows XP, Windows Vista or Windows 7 but only if you reside in the U.S., Israel, China and Brazil.

According to the CBC "Microsoft bills the software as providing "high-quality protection" against both viruses, Trojans, worms, spyware and other malicious software. It updates and upgrades automatically."

The software will apparently be made available to Canadians when the final version of the software is released to 19 countries during the second half of this year.

Microsoft Offers Reward For Worm Creator's Identity

George Stathakopulos from Microsoft's Trustworthy Computing Group has told the BBC that a $250,000 reward is being offered by the company to find who is behind the Downadup/Conficker virus. "Our message is very clear - whoever wrote this caused significant pain to our customers and we are sending a message that we will do everything we can to help with your arrest," said Mr Stathakopulos. One estimate has as many as 12 million computers being affected globally by Conficker/Downadup since it appeared in October.

On three other occasions Microsoft has offered such rewards. Rewards of $250,000 were offered for information leading to the creators of Blaster, MyDoom and Sobig worms. The perpetrators of those threats have never been caught.

Windows Worm Spreads To 3.5 Million PCs

A Windows worm known as Conficker, Downadup, or Kido which was first discovered in October has a new viral variant that is causing concern amongst security firms. Even though Microsoft's MS08-067 patch protects users from the worm it has propegated to some 3.5 million machines worldwide.

According to Microsoft, the worm works by searching for the "services.exe" file and then becomes part of that code. It copies itself into the Windows system folder as a random dll fileand gives itself a 5-8 character name, such as piftoc.dll. The worm then modifies the Windows Registry to run the infected dll file as a service. Once up and running, it creates an HTTP (web) server, resets your machine's System Restore point (making it harder to recover from) and proceeds to download files from a malicious web site.

"There was a new variant released less than two weeks ago and that's the one causing most of the problems," Kaspersky Lab's security analyst, Eddy Willems told the BBC.

"The replication methods are quite good. It's using multiple mechanisms, including USB sticks, so if someone got an infection from one company and then takes his USB stick to another firm, it could infect that network too. It also downloads lots of content and creating new variants though this mechanism."

"Of course, the real problem is that people haven't patched their software. If people do patch their software, they should have little to worry about," he added.