Computer Networks in Iran have been infected by the Virus

Iranian officials have confirmed that the Stuxnet-like Duqu virus hit computers in the country, but said a fix is being provided to those affected. IRNA, the Iranian news agency, quoted Gholamreza Jalali, head of Iran's civil defense body, as saying that companies and agencies that might have been hit "are being controlled," according to the BBC.

"The software to control the virus has been developed and made available to organizations and corporations," Jalali told IRNA. Iranian officials are still working on a "final report" about the attacks, BBC said. Reports of Duqu first emerged in October when international security researchers alerted Symantec about a virus that was similar to Stuxnet but was intended to gather information rather than sabotage certain systems. "Duqu's purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers," Symantec said in a blog post. "The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility."

In a Friday blog post, Kaspersky Labs said that recent evidence suggests work on Duqu could date as far back as 2007, and that attackers are creating custom files for each individual attack. In the cases analyzed by researchers at Kaspersky Lab, the email contains a Word file that includes the exploit code,"--Kaspersky's Dennis Fisher wrote. The Windows-specific computer threat, however, appeared to target Iranian nuclear facilities and infected tens of thousands IP addresses in the country. Security organisations had previously identified Iran as one of at least eight countries targeted by the code. Third attack?

Last year the Iranian government accused the West of trying to disrupt its nuclear facilities using the Stuxnet worm computer attack. Officials now describe the Duqu attack as the "third virus" to hit Iran. Keylogging programs are able to collect information about a computer system, take screenshots, search for files and capture passwords. The firm also provided more detail about how Duqu worked based on its analysis of other targets. Kaspersky Lab said the font was called Dexter Regular and its creators were identified as Showtime Inc.

The firm said the exploit then loaded a driver onto the system. Iran has confirmed that a number of computer networks in the country have been infected by the Duqu trojan, an enigmatic piece of malware based on Stuxnet. "The software to control the (Duqu) virus has been developed and made available to organizations and corporations in Iran," Brigadier General Gholamreza Jalali told the government-controlled IRNA news agency.
 The cyber defense unit works day and night to combat cyber attacks and spy (computer) virus."--Although Duqu is similar to Stuxnet, the latest malware variant is coded to collect intelligence data that could be used to launch attacks against industrial and nuclear control systems.