The virus used to hack the Russian cybersecurity company Kaspersky Lab is an improved version of the malicious software that was used in an attempt to monitor nuclear negotiations with Iran, according to Kaspersky. Israel is believed to be behind both hacks, as each strain of malware is also a variant of the Stuxnet virus deployed against Iran by the U.S. and Israel in 2010.
Kaspersky dubbed the newest virus Duqu 2.0, an updated version of the Duqu virus that targeted three European luxury hotels where diplomats from around the world were staying when they congregated to iron out details of the Iranian nuclear deal over the past 18 months. Representatives from the U.K., the U.S., China, France, Germany and Russia (the so-called P5+1) were on hand for the negotiations, though from afar Israel loudly protested the plan to ease the restrictions on Iran's nuclear program.
Current and former U.S. intelligence officials told the Wall Street Journal they believe the Duqu program is deployed to carry out Israel's most sensitive cyber espionage and war operations.
“The people behind Duqu are one of the most skilled and powerful advanced persistent threat groups, and they did everything possible to try to stay under the radar,” Costin Raiu, director of Kaspersky Lab's global research and analysis team, said in a company statement late Wednesday. “The analysis of the attack revealed that the main goal of the attackers was to spy on Kaspersky Lab technologies, ongoing research and internal processes. No interference with processes or systems was detected.”
The findings were also confirmed by Symantec and Trend Micro, two of Kaspersky's competitors.
“It certainly has all the hallmarks of a nation-state attack and reuses much from its ancestor the original Duqu, but in new and improved ways,” Rik Ferguson, Trend Micro's head security researcher, told the Guardian. “The average consumer or small business won't be affected directly by Duqu 2. The bigger issue is, as we saw with Stuxnet and many others, this research and development effort made by nation states almost invariably filters down to the more widely spread cybercrime.”