Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Symantec Uncovered Stuxnet’s Code

According to a document that Symantec published recently, the security company has uncovered the code of Stuxnet, which attacked a nuclear processing plant in Iran. ReadWrite Hack reported this on June 28, 2011.

Last year i.e. 2010, Symantec, on July 20, arranged for tracking web-traffic that linked to the C&C servers of Stuxnet. Consequently, it found around 40,000 distinct Internet Protocol addresses that emanated from around 155 countries. Says Symantec that the PC-network of the Iranian plant had a so-called "air gap" among the computers, which helped in communicating with the controllers of Siemens, as well as the plant's plain business network, which was connected online.

And as infections cluttered in Iran, it possibly showed that the worm' first target was this country. Although Stuxnet represents a malware that's targeted in nature, its utilization of propagation methods of a large type is suggestive of its dissemination over and above the initial attack point.

Reportedly, Stuxnet's creators attacked the plant's 5 probable subcontractors, perceiving that ultimately one of their employees will take his notebook PC inside the plant where he'll load a few programs onto the controller computers utilizing an external drive. Thereafter, using one particular new 0-day assault, the virus would alter the icon of a Windows document within Explorer that by simple viewing would compromise the infected system.

Further, when it was February 2011, Symantec had already collected 3,280 distinct samples of 3 separate variants. Incidentally, whenever a fresh Stuxnet contamination happens, the worm maintains system information. So studying this data, Symantec came to the conclusion that Stuxnet executed a personalized assault against 5 separate organizations on the basis of the registered domain names of the PCs.

Describing Stuxnet's action, Symantec said that it rotated horizontally within the centrifuges at an excessive frequency causing large-scale destruction. During this while, the virus replayed the controller traffic of the earlier 2-weeks to those operating the plant so no suspicion arose till the time the systems began malfunctioning. It also deactivated the controllers' inbuilt kill switches that effectively prevented the systems from shutting down.

Apparently Symantec cautions, the creators of Stuxnet may bring something more dangerous next time.

Related article: Sentence for American Contractor for Sabotaging Government Navy Computers

» SPAMfighter News - 06-07-2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next