Heavy metal has been weaponzied. At least that's the claim by a computer security researcher who says an Iranian nuclear scientist emailed him to say he and his fellow scientists were under attack by involuntary blasts of AC/DC, sparked by computer malware.
Mikko Hypponen, lead researcher at the Finnish computer security firm F-Secure, says he received "a series of emails from Iran" this weekend about a new rockin' cyber attack on nuclear research facilities there. He posted the text of one email to his blog:
I am writing you to inform you that our nuclear program has once again been compromised and attacked by a new worm with exploits which have shut down our automation network at Natanz and another facility Fordo near Qom.
According to the email our cyber experts sent to our teams, they believe a hacker tool Metasploit was used. The hackers had access to our VPN. The automation network and Siemens hardware were attacked and shut down. I only know very little about these cyber issues as I am scientist not a computer expert.
There was also some music playing randomly on several of the workstations during the middle of the night with the volume maxed out. I believe it was playing 'Thunderstruck' by AC/DC.
This seems like some variant of a Nigerian scam email, but Hypponen says he's verified it really was sent from Iran's Atomic Energy Organization. And Hypponen, a legendary computer virus hunter, has received emails like this from Iranian authorities in the past. Last month he wrote in Wired about how an Iranian computer security analyst had emailed him to notify him about the Flame spyware that was infecting Iranian computers. Flame was developed by the U.S. and Israel to spy on Iranian computer networks in advance of future cyber warfare campaigns, according to the Washington Post.
But the program mentioned in the email, Metasploit, is an open-source project used to find vulnerabilities in software. Unlike Flame or its famous cousin Stuxnet, which has been estimated to have cost $3 million to develop, Metasploit can cost as little as $3,000.
This seems as likely to be a bit of weird disinformation by whomever sent the email, as a legitimate attack. Because if anything, AC/DC would shock those scientists into hyper-productivity. They'd be jumping over centrifuges with their shirts off: AHhhhhhhhAAAAAAAaaa. THUNDER!
[Image via Shutterstock]