This seems to be real. A number of sources have reported it. Although when I first read the headlines I was hoping it was something other than it was.
As far as I can tell the music simply indicated a compromised system. However, back in the way back times, if you programmed the seeks on a large disk drive you could get it to play 'music' of a sort from the resonance of the stepper motors. I had wondered if someone has changed stuxnet to modify the centrifuge speeds to play notes, and then have the facility play heavy metal music (which would be appropriate for a facility that was purifying a very heavy metal).
I too was really hoping they'd done this to the centrifuges.
Instinctively I think this story reeks of bullshit. Not saying it didn't happen, but rather I sense deeper levels of foul play: like others have said, it feels like a distraction or misdirection. The Metasploit mention is incongruous as well.
I think there are very few credible things about this story.
Why would the computer security people tell everyone that it was Metasploit? Usually, IT staff tells people very little about current or ongoing security events.
Why would workstations have speakers? Perhaps they were internal speakers, but still.
Are the phrases and word choices used in the e-mail consistent with the type of person who purports to have sent the e-mail? I'd like someone's more expert opinion here on whether an Iranian person would say "maxed out", for example.
And finally, why would a real nuclear scientist risk death and imprisonment to tell an antivirus company that someone had compromised their computers to play AC/DC?
The workers at Iran's nuclear facilities are free to just do whatever the hell they want now and if they get busted they can blame it on US/Israeli hackers.
Sounds to me like the most plausible explanation so far. Some connected employee/s breached internal IT security protocol by transferring music to their workstations, maybe even being caught at a night shift blasting music. They tried to cover it up with some stories and it got out of hand.
I'm serious, I think anyone who's been in (any) military capacity can see such a thing happening.
Every time I come to any conclusion about what's happening with Iranian computers, I'm proven wrong weeks later. It is nuts what is going on here. I agree: playing AC/DC on nuclear facility computers sounds too theatrical to be real. Which probably means it was a Sepultura/Muppets mashup and not AC/DC.
> This seems to be real. A number of sources have reported it.
Yes, but they're all referring back to the same original claim. I don't find this story credible at all, and think it more likely that someone has spoofed an email using the addresses and header data found in a previous Wikileaks release.
I had hoped it wasn't true, because sooner or later meddling in Iran's stuff is going to piss them off, then one of the two sides will do something stupid, or Obama needs to be a hawk again, or Israel gets enough, or something else and voilà, we got another war in the Middle East going on.
I hope that the anti-government protest will resume and the people in Teheran will overthrow the priests. I have no sympathy for the Iranian government, but I fear a war more than I fear a nuclear armed Iran (what are they going to do with them, anyway? Blow up Israel? Attack the United States?).
> However, back in the way back times, if you programmed the seeks on a large disk drive you could get it to play 'music' of a sort from the resonance of the stepper motors.
I would love to see the entire facility spontaneously erupt into a symphony like this: http://vimeo.com/1109226
Metasploit? The US and Israel spent probably hundreds of millions on developing custom frameworks using massive international teams, even implementing cutting-edge cryptanalysis to create the first trojans. And now someone broke a VPN, picked up Metasploit, and attached an MP3 to the payload? What the fuck?
If this is real, it certainly wasn't the same team that executed the first attacks. Sounds like a couple of prankster pentesters.
100% agree. And I doubt they are delivering music payloads all the way across the air gap just for fun. A guess, but it sounds like these machines aren't subject to the same restrictions as the really intense stuff on the other side of the security curtain.
Sounds more like someone at the target end trying to explain something they don't understand by blaming it on something they've heard of which might be related.
I know that some of the pentest training courses specifically use aeoi.org as a target. Not for actual attacks, but for conducting reconnaissance and target enumeration. I wonder if someone decided to see just how vulnerable the enumerated systems were.
They hacked into some workstations. This isn't the same as stuxnet.
Presumably this was a bug in a VPN software somewhere, which led to, probably, some Windows machines. The fact that this was at a nuclear facility is kind of pointless; it's just an office.
Stuxnet specifically went after industrial control systems, and destroyed the machines they controlled.
That could also be interpreted as "someone tried to run some shellcode [that was copied from Stuxnet] on the POS Windows XP boxes we use for QA tests, so we shut down the SCADA interconnect just in case." It's pointless to speculate though. I bet it turns out to be a really stupid prank by an ex-scientist.
Considering how much effort went into Stuxnet and Flame, this seems to be rather weird. Go to extreme lengths in coding malware to... play AC/DC? Something doesn't seem quite right.
I would guess you are right. Not really the paranoid type, but when considering things like this with Iran I wouldn't be surprised if it was government doings and the AC/DC thing is a distraction from whatever they really did.
This sounds like a good idea and I'm sure it makes anyone American absolutely brim with patriotic pride. It's also a completely idiotic thing to do. Creating malware takes a lot fewer resources than creating real weapons and the US and West in general is far more vulnerable to malware than Iran or most small countries due to the economy's greater mechanization. What happens when there is blowback?
Not to mention that further tensions are not desired right now -- with Obama neck and neck with the Republican and Israel getting impatient and Iran getting offended, this could turn very nasty, very soon (and the West can ill afford another war in the Middle East with the current economy and gas prices).
I hope the regime falls, but it has to be internal or it won't stick.
Do they still run stock Windows PCs in a nuclear facility?
Do they still have critical machinery participating in an insecure local network?
Well, maybe it isn't a nuclear lab after all, but a honeypot for hackers? And the actual lab is somewhere else?
Because otherwise they would figure it out already, I think.
I was thinking had it happened to the US, some nutjob would have declared Metasploit illegal. Though US regulations don't apply to us non-US folks, developing nations tend to pick things from the West, especially for issues concerning technology. I blame the US for broadband fair-usage quota.
Also, EU or US regulations make travelling difficult. Hasn't the EU declared hacking tools illegal? Man, it would suck to be detained in a foreign country for installing Metasploit.
Whoever is skilled enough to hack into some computers at a nuclear reactor facility must also be clever enough to not give itself away with a childish prank. There are many better things they can do than playing music. I'm sure the story is fake.
Seems like "Who Made Who" by AC/DC would be appropriate here since it was done for the soundtrack of "Maximum Overdrive," a Stephen King movie about the machines taking over.
You'd be surprised. During Operation Just Cause in Panama, US troops used loudspeakers blasting music (including Van Halen) to flush Noriega out of his hiding place.
Believe it or not, even government workers have a sense of humor ...
Probably less "sense of humor" than psychological warfare by constantly demonstrating superiority and presence - plus depending on the volume and proximity, this could interfere with enemies communicating and could even keep them from sleeping. Maybe not the worst thing at first but I can see how this can get more effective over time...
I think it's exactly the opposite. If the story is really true then the psychological effects are enormous. It tells them:
"Look we have everything under control. We can even afford to let you know that. Look, we can make your top secret workstations play music just for fun. Don't mess with us, otherwise we can make even your bombs explode in your own bunkers."
I think if the Iranians are really so stupid as to make war with Israel or the U.S. (which means WW3) this would lead to their own self-destruction.