A cybersecurity firm has discovered that the three hotels where the Iran nuclear negotiations took place were all likely hacked with a virus used by Israeli spies.
Kaspersky Lab ZAO's system was attacked with the same virus. After looking to see if other computers were affected, it discovered that the only three networks with that virus were at the three luxury hotels in Europe where the Iran negotiators met,
The Wall Street Journal is reporting.
According to Kaspersky, the spyware it discovered is an updated version of a virus called Duqu, which Israel has used in the past to conduct highly sensitive intelligence-collection operations.
The United States government learned that
Israel was spying on the talks in 2014, which the Journal reported on in March.
Kaspersky is expected to reveal its findings publicly on Wednesday, which should provide new information about how stealth viruses are used by spies.
The Moscow-based cybersecurity firm doesn't mention Israel by name, but the report does include implications that it suspects that Israel is connected. For one, the report is titled "The Duqu Bet." The second letter of the Hebrew alphabet is bet.
In addition, the company noticed striking similarities between the virus and Duqu.
Kapersky writes in its report that the similarities are so strong that the virus "could not have been created by anyone without access to the original Duqu source code," the Journal reports.
Despite its findings, Kaspersky says that there are still a lot of unanswered questions, such as in what way the virus was used as well as what data was compromised.
Some possibilities suggested by the firm include eavesdropping on conversations and having control of hotel systems, which could give hackers the ability to have control over computers, phones and elevators.
Israel has said that it has not spied on the Iran negotiations, but it does admit to having a history of spying on Iran in general.
The Kaspersky report is being analyzed by the FBI and the agency has yet to confirm the findings, but officials have said that the news isn't surprising.
The fact that the hackers were able to make their way into Kaspersky's own system without notice for more than six months in 2014 is evidence of just how sophisticated they are, experts told the Journal.
Before kicking the hackers out of their system, the cybersecurity firm spent some time watching the virus in action in an attempt to see how it functioned.
While Costin Raiu, director of Kaspersky's global research and analysis team, said that the company has tried to be prepared for a cyberattack, the company officials were surprised by the sophistication of the virus.
Kaspersky did not name the hotels that were targeted. However, the virus was also reportedly found in computers where a ceremony was held to honor the 70th anniversary of the liberation of Auschwitz, which was attended by several of the negotiators.