Stuxnet, the Weaponized Malware
In a report dated January 11, 2011, Xianet.net says that the computer virus Stuxnet exploited 4 zero-day security flaws affecting Windows software, which Microsoft fixed in the aftermath. Alongside the zero-day attacks, the "payload" also used an illegitimately acquired digital certificate, which Verisign supplied.
Stuxnet also used 2 legitimate digital certificates, captured from JMicron and Realtek, which let the hackers keep their malware on infected computers for an extended period without drawing notice. The certificates helped disguise the malware as reliable software while it interacted with other tools.
Security researchers state that this kind of attack, which uses digital certificates, is reportedly unprecedented. Consequently, the development is extremely threatening and worrying. Moreover, according to the researchers, the danger associated with the threat has gone beyond damaging an organization's good name, as attackers have been using the certificate despite its expiry, which could cause tangible destruction to the organization as well as its workforce if the worm effectively rendered a utility or manufacturing process vulnerable.
Conventionally, damaging a facility meant using a traditional weapon. Stuxnet, surprisingly, tries to destroy a facility by technical means without itself applying the damaging force; that is, it is a malicious program created specifically to serve as a weapon. Consequently, it is categorized as "weaponized malicious software."
With malware such as Stuxnet exploiting 4 zero-day flaws along with captured digital certificates, a new age of cyber-crime and cyber warfare seems to have started. But this variant isn't the only one of its kind. Aurora, another computer virus, was of the first-generation type, while Stuxnet represents a considerable evolutionary jump in sophistication and complexity. Besides, the potential costs an infected organization incurs from a successful Stuxnet attack are higher than ever before.
The worm reportedly spreads on its own to numerous systems. Furthermore, it doesn't have any connection with a C&C host since it is on a separated network, and that makes its development significant.
» SPAMfighter News - 20-01-2011