EU okays fresh Iran sanctions; new version of Flame virus uncovered

European Union governments on Monday agreed on further sanctions against Iran's banking, shipping and industrial sectors, cranking up financial pressure on Tehran in the hope of drawing it into serious negotiations on its nuclear program.

The decision by EU foreign ministers reflected mounting concerns over Iran's nuclear intentions and Israeli threats to attack Iranian atomic installations if a mix of sanctions and diplomacy fails to lead to a peaceful solution.

Related articles:

• Official: US blames Iran hackers for cyberattacks
• PM: Israel can deal with Iran threat
• Op-ed: The American mistake
  

EU foreign policy chief Catherine Ashton said she hoped that turning up the heat on the Islamic Republic would persuade it to make concessions and that negotiations could resume "very soon."

"I absolutely do think there is room for negotiations," said Ashton, who represents the United States, China, Russia, Britain, France and Germany in their on-and-off talks with Iran. "I hope we will be able to make progress very soon."

The new sanctions mark one of the EU's toughest moves against Iran to date and a significant change of policy for the 27-member bloc, which has hitherto focused largely on targeting specific people and companies with economic restrictions.

The EU has lagged the United States in imposing blanket industry bans because it is concerned not to punish ordinary Iranian citizens while inflicting pain on the Tehran government.

Iran maintains that its nuclear project has only peaceful energy purposes and has refused in three rounds of talks since April to scale back its uranium enrichment activity unless major economic sanctions are rescinded.

But governments in Europe and the United States, doubting Iran's preparedness for more than dilatory "talks about talks", are instead tightening the financial screws on Tehran and fears of a descent into a new Middle East war are growing.

German Foreign Minister Guido Westerwelle was more pessimistic than Ashton about the prospect that additional economic pain might drive Tehran - whose Islamic Revolution has long thrived on defiance of the West - to make concessions.

"Iran is still playing for time," he told reporters. "We don't see a sufficient readiness for substantial talks about the nuclear program."

Talks may resume soon. Ashton (Photo: Reuters)

Also on Monday, security researchers said a new cyberespionage tool linked to the Flame virus has been infecting computers in Lebanon, Iran and elsewhere.

Kaspersky Lab, which was credited with revealing the Flame virus earlier this year, dubbed the new malware "miniFlame," and said it was "a small and highly flexible malicious program designed to steal data and control infected systems during targeted cyber espionage operations."

Russian-based Kaspersky said miniFlame "is based on the same architectural platform as Flame," widely reported to be part of a US-Israeli effort to slow Iran's suspected nuclear weapons drive.

The smaller version "can function as its own independent cyber espionage program or as a component" inside Flame and related malware.

Unlike Flame, which is designed for "massive spy operations," miniFlame is "a high precision, surgical attack tool," according to Alexander Gostev at Kaspersky Lab.

"Most likely it is a targeted cyberweapon used in what can be defined as the second wave of a cyberattack."

Kaspersky Lab data indicates the total number of infections worldwide is just 50 to 60, including computers in Lebanon, France, the United States, Iran and Lithuania.

MiniFlame operates "as a backdoor designed for data theft and direct access to infected systems," according to Kaspersky, which said development of the malware might have started as early as 2007 and continued until the end of 2011, with several variations.

"We believe that the developers of miniFlame created dozens of different modifications of the program," Kaspersky said. "At this time, we have only found six of these, dated 2010-2011."

Flame previously has been linked to Stuxnet, which attacked computer control systems made by German industrial giant Siemens used to manage water supplies, oil rigs, power plants and other critical infrastructure.

Most Stuxnet infections have been discovered in Iran, giving rise to speculation it was intended to sabotage nuclear facilities there. The worm was crafted to recognize the system it was to attack.

Some reports say US and Israeli intelligence services collaborated to develop the computer worm to sabotage Iran's efforts to make a nuclear bomb.

• Follow Ynetnews on Facebook and Twitter
• Receive Ynetnews updates directly to your desktop