Firm says new Stuxnet-like virus found

Computer virus's evident success in damaging Iran's nuclear facility has officials asking if our own infrastructure is safe. Steve Kroft report

(CBS/AP) LONDON - Computer security firm Kaspersky says it has discovered a new batch of malicious software linked to the infrastructure-wrecking Stuxnet virus.

In a statement Thursday the Moscow-based company said it had found a virus dubbed "Gauss" which it said was aimed at stealing financial information from its mainly Middle Eastern victims.

Kaspersky Lab ZAO said that the newly-discovered virus shared similarities in terms of structure and operation with Flame, a program aimed at vacuuming information from target computers. Flame in turn shared similarities with Stuxnet, a program experts believe was designed to sabotage Iran's disputed nuclear program.

Both pieces of malicious software have been attributed to the U.S. and Israeli governments. Kaspersky's statement said that all three viruses likely came from the same "factory" or "factories."

In a "60 Minutes" broadcast in March, correspondent Steve Kroft reported that Stuxnet was first detected and isolated by a tiny company in Belarus after one of its clients in Iran complained about a software glitch in June of 2010. Within a month, a copy of the computer bug was being analyzed within a tight knit community of computer security experts, and it appeared to be the first salvo in a new era of warfare.

"60 Minutes": Stuxnet computer worm opens new era of warfare
Stuxnet copycats: Let the hacking begin
Cybersleuths see link between Flame, Stuxnet virus

In June, a new virus called "Flame", was unleashed. It was a massive, data-slurping cyberweapon circulating in the Middle East, and computers in Iran appear to have been particularly affected, according Kaspersky.

Kaspersky said the "Flame" virus was unprecedented both in terms of its size and complexity, possessing the ability to turn infected computers into all-purpose spying machines that can even suck information out of nearby cell phones.

Speculation as to the virus' authorship has quickly settled around Israel or the United States, a theory which was given credence by an article in The New York Times detailing how President Barack Obama ordered a wave of cyberattacks - code-named Olympic Games - which included unleashing Stuxnet against Iran's underground nuclear plant at Natanz.

The article also claimed that Israelis cooperated with the highly classified project.

The Times drew on anonymous sources, but its detailed description of conversations in the Oval Office among Obama, the vice president and the CIA director, was the most direct evidence to date of U.S. responsibility for Stuxnet.

Comments