Stuxnet Virus Created More Than A Year Back

Security researchers who have been investigating Stuxnet, a sophisticated PC virus created for theft of industrial secrets, reveal that it has been prevalent over a period much longer in comparison to what was earlier thought.

Actually, nobody knew about the malware until mid-July 2010 at the time when researchers at Minsk, Belarus (Eastern Europe) based security firm VirusBlockAda detected it. The virus outstands in technical sophistication as much as in targeting PCs used for industrial control in power plants and factories.

Now, security investigators at Symantec Corp claim that they have spotted a previous variant of Stuxnet, which was made during June 2009 and subsequently developed to higher sophistication during H1-2010.

Moreover, when the creation of Stuxnet became complete, its makers included fresh software, which helped it to proliferate amidst USB devices without requiring any interaction from the victim. What's more, the Stuxnet writers even succeeded in grabbing the encryption keys that JMicron Technology Corp., and Realtek Semiconductor Corp., the chip companies owned. With these keys the malware could be digitally signed that made it harder for anti-virus engines to detect it.

Stated Liam O Murchu, security researcher with Symantec, the malicious program had been undergoing constant evolution, while the writers introduced extra exploits, components and encryption. InformationWeek published this in news on August 5, 2010.

One more fascinating discovery by Symantec is that Stuxnet's latest version is smaller in size compared to its first one despite the newer sample having increased features. According to O Murchu, threats normally become bigger with time; therefore the fact that the newer version contains added resources (14 against 11) isn't unusual. However, it's astonishing to find Stuxnet's later versions in sizes smaller compared to the earlier ones, he adds.

Meanwhile, security researchers in their remarks state that it's been many years now that these targeted assaults are going on. Stuxnet's evolution hints the presence of brilliance, if not apparent intentions, in the virus' success.

Hence, Web-surfers are recommended that they maintain caution vis-à-vis the malicious activities of the malware and deploy each and every essential security software program to keep the threat at bay.

Related article: Stuxnet Malware Signed With JMicron Certificate

» SPAMfighter News - 8/13/2010