The story of Israel using a sophisticated cyberweapon to spy on the United States and others attending nuclear talks is getting weirder. According to Kaspersky, the attackers not only used a Stuxnet-like weapon — they also used a stolen security certificate from Foxconn to sign the malware.
This is both crazy and curious. The new attack also targeted Kaspersky and is being called Duqu 2.0, due to its resemblance to the original Duqu 1.0 weapon. But here’s the wrinkle, as Wired‘s Kim Zetter explains:
While Stuxnet was likely created jointly by teams in the US and Israel, many researchers believe Israel alone created Duqu 1.0 and Duqu 2.0.
In all three attacks — Stuxnet, Duqu 1.0 and Duqu 2.0 — the attackers employed digital certificates from companies based in Taiwan.
And to get those certificates, the assailants must’ve hacked into companies like Foxconn. So it’s safe to say that pretty much everybody’s been hacked now, and it’s Israel’s fault. And since Duqu 1.0 was called the return of Stuxnet then maybe there was even American code somewhere in that malware.
So Israel may have used our own code and stole security credentials from the company that builds our iPhones so that it could spy on Americans while the world’s leaders were trying to prevent a nuclear apocalypse.