Stuxnet Virus’ Roots Traced to 2007, Reports Kaspersky
According to recent research by Kaspersky Labs, a computer security company based in Russia, the Stuxnet PC virus, which destabilized Iran's nuclear program during 2010, probably belonged to a set of 5 or more cyber-weapons that were built on a common platform and whose origins go back three years earlier, to 2007.
Security researchers across a wide spectrum hold the conviction that Israel and the U.S. were responsible for Stuxnet, although both countries have formally abstained from commenting on it.
In the meantime, one more piece of malware has been linked to Stuxnet, namely Duqu, a Trojan that steals data. According to Kaspersky's research, however, the cyber-weapon that attacked Iran was potentially much more advanced than earlier believed.
Security researchers at Kaspersky stated that, in their opinion, Stuxnet and Duqu were projects of the same period, supported by a common team of developers.
As far as architecture is concerned, both Stuxnet and Duqu were created on the same platform, called 'Tilded.' Moreover, the researchers revealed that the creators of the two pieces of malware, for some reason, favored using '~d' at the start of their file names. Govinfosecurity.com reported this on December 29, 2011.
The researchers further stated that they had discovered many more details, pointing to one or more spyware programs on the Tilded platform during 2007/2008, along with more programs of unclear functionality that were written during 2008 to 2010.
The data available to Kaspersky, the company's researchers stated, also suggested with reasonable certainty that Tilded was introduced at the end of 2007 or the beginning of 2008, after which it went through considerable alterations during the summer/autumn of 2010. The alterations apparently involved making the code more sophisticated, along with developments required to evade anti-virus detection, the researchers added. Securelist.com published this on December 28, 2011.
Interestingly, of the several projects that used Tilded-based software throughout 2007-11, Duqu and Stuxnet were the two that had been recognized, while the rest currently remained unknown. Besides, the platform was under constant development, which could only mean that more modifications were expected over time, the researchers concluded.
» SPAMfighter News - 07-01-2012