Iran claims to stop Dino Malware attack



Iran confirms that spy malwarecalled Dino is targeting sensitive centers inside the country since one and half years ago.

Masoud Biglarian, head of the Computer Emergency Response Team Coordination Center (CERTCC), said that after malware was discovered the CERTCC which is subset of the Information and Communication Technology (ICT) sent a secret report to the countrys officials about the issue.

According to Irans Mehr news agency Biglarian said: «We took appropriate measures to prevent damage to the strategic centers of the country by Dino».

He also said that Dino is a type of Spyware such as Stuxnet that is designed for specific purposes and launches targeted attacks.

He rejected claims that the malware infected some sensitive centers inside the country.

Last week some western media outlets reported that Dino malware which searches for specific data and steals it has infected some organizations inside Iran.

Security firm ESET researchers in Bratislava, Slovakia identified the sophisticated Dino Trojan that attacked Iranian and Syrian targets in 2013 and it is rumor that the group is a secret part of the French Intelligence service.


Dino was supposedly created by the so-called Animal Farm Group which also created other Trojans like Bunny, Casper and Babar. Casper malwares claim to fame is that it was involved in a large scale attack on computer systems in Syria last autumn.

ESET claims that Dinos main goal seems to be the exfiltration of files from its targets.

Large scale cyber attacks on Iranian facilities started in 2010 after the US and Israel reportedly tried to disrupt the operation of Irans nuclear facilities through a worm that later became known as Stuxnet.

US intelligence officials revealed in June 2013 that the Stuxnet malware was not only designed to disrupt the Irans nuclear program but also was part of a wider campaign directed from Israel that included assassination of the countrys nuclear scientists.

Stuxnet is the first discovered worm that spies on industrial systems and reprograms them. It is written specifically to attack SCADA systems that are used to control and monitor industrial processes.

In September 2013 the Islamic Republic of Iran said that the computer worm Stuxnet infected 30 000 IP addresses in Iran but it denied reports that the cyber worm had damaged computer systems at the countrys nuclear power plants.