Kaspersky says Iran talks spyware masqueraded under Foxconn name

Mon Jun 15, 2015 2:26pm EDT
Email This Article |
Share This Article
  • Facebook
  • LinkedIn
  • Twitter
| Print This Article | Single Page
[-] Text [+]

By Eric Auchard and Joseph Menn

FRANKFURT/SAN FRANCISCO, June 15 (Reuters) - Further research into the sophisticated computer virus used to hack into hotels where the Iran nuclear talks took place has found it took advantage of digital credentials stolen from the world's top contract electronics maker Foxconn.

Russian security company Kaspersky Lab said on Monday that researchers learned the Duqu 2.0 virus had redirected computer traffic by using a legitimate digital certificate from Taiwan's Hon Hai, also known as Foxconn.

Foxconn customers have included many of the world's biggest electronic makers, including Apple, Blackberry, Google, Huawei and Microsoft.

Kaspersky revealed its initial findings in a report last week in which it said it found the virus in conferencing equipment at three European hotels used in talks involving Iran and six world powers, among other targets.

Digital certificates are the credentials which identify legitimate computers on a network. They act as the basis of e-commerce and other largely automated transactions on the Web.

In recent years, cyberspies have begun to exploit stolen certificates to trick machines into thinking malicious software comes from legitimate computers, an escalation posing a grave threat to business done over the Internet, security experts say.