CybersecurityIran: Stuxnet infected industrial computers cleaned

Published 5 October 2010

Iran claims that Stuxnet, the sophisticated virus which has infected more than 30,000 computers used in industrial control systems in Iran, has been removed; Iranian officials also denied that the Bushehr nuclear reactor was among the addresses penetrated by the worm

Industrial computers infected by Stuxnet in Iran have been cleaned and returned to their units, a top official said on Sunday, following reports that the malware was mutating and wreaking havoc with equipment.

The industrial computers infected by the Stuxnet virus have been cleaned,” Mohsen Hatam, deputy industry minister, was quoted as saying on the state television’s Web site.

Iranian media had said that Stuxnet had mutated and was wreaking havoc on computerized industrial equipment in Iran, with around 30,000 IP addresses infected.

 

Hatam said, though, that “all platforms have been cleaned and delivered to the industrial units.”

The virus infected these computers because they lacked high security firewalls,” he added.

He said Stuxnet was “designed and dispatched about a year ago to gather information from industrial computers.”

Stuxnet, which was publicly identified in June, is a self-replicating malware found lurking on Siemens systems, mostly in India, Indonesia and Pakistan, but the heaviest infiltration appears to be in Iran, researchers say.

Analysts say Stuxnet may have been designed to target Iran’s nuclear facilities, especially the Russian-built first atomic power plant in the southern city of Bushehr.

Officials have denied that Bushehr was among the addresses penetrated by the worm, but had acknowledged that some personal computers of the plant’s personnel had been infected.