A highly advanced spyware, apparently created by Israeli government-linked program Duqu, has been found at three luxury hotels in Europe, all of which have been used for Iran nuclear talks.
While there is no rock-hard evidence suggesting that the Israeli government itself planted the malware, the fact that the malware seems to have been created by Duqu does lend itself to speculation.
The spyware was first discovered earlier this year by Kaspersky Labs, which was testing an advanced antivirus software when it came across the malware. This malware was advanced because it left almost no traces and burrowed deep inside a computer's kernel memory, where the most basic software of the computer is kept. Kaspersky then assigned a team to keep an eye on the software, after which the team found out that the software was linked to Duqu, which was previously connected to the Israeli government.
Following this discovery, the team launched a worldwide search to see if the software could be found anywhere else, discovering its existence at three hotels in Europe, all of which were used for Iran nuclear talks.
Kaspersky Labs itself did not outright blame the Israeli government for the spyware, dubbed Duqu 2.0, however. it did indicate that there may be a connection between the two.
Researchers also mentioned in their report that it is not yet known exactly what kind of information was stolen, and that whoever was behind the software may have been able to eavesdrop on the conversation. The Israeli government has denied that it has spied on the U.S. and other allies, however, it has said that it does conduct surveillance on Iran in general. It has not spoken specifically about the Duqu virus.
The virus was also used to target employees at Kaspersky Labs itself, being sent to an employee in an attachment to an email. The employee did not open the attachment, however.
"Spying on cybersecurity companies is a very dangerous tendency. Security software is the last frontier of protection for businesses and customers in the modern world, where hardware and network equipment can be compromised," said Eugene Kaspersky, CEO of Kaspersky Labs. "Moreover, sooner or later technologies implemented in similar targeted attacks will be examined and utilized by terrorists and professional cybercriminals. And that is an extremely serious and possible scenario."
Of course, companies are working hard to patch vulnerabilities that may have let Duqu 2.0 into a system. Microsoft released a patch addressing the issue and, of course, Kaspersky Labs' antivirus tools now offer protection against the spyware.