Earlier version of deadly cyberweapon bared

Share on facebook
Share on twitter
Share on linkedin
Share on email

Stuxnet proved that malicious programs executing in the cyber world could successfully impact critical national infrastructure. The earliest known variant of Stuxnet was version 1.001 created in 2009. That is, until now. Internet security firm Symantec it has recently analyzed a sample of Stuxnet that predates version 1.001. Analysis of this code reveals the latest discovery to be version 0.5 and that it was in operation between 2007 and 2009 with indications that it, or even earlier variants of it, were in operation as early as 2005. Key discoveries found while analyzing Stuxnet 0.5:

? Oldest variant of Stuxnet ever found ? Built using the Flamer platform ? Spreads by infecting Step 7 projects including on USB keys ? Stops spreading on July 4, 2009 ? Does not contain any Microsoft exploits ? Has a full working payload against Siemens 417 PLCs that was incomplete in Stuxnet 1.x versions

As with version 1.x, Stuxnet 0.5 is a complicated and sophisticated piece of malware requiring a similar level of skill and effort to produce. Despite the age of the threat and kill date, Symantec sensors have still detected a small number of dormant infections (Stuxnet 0.5 files found within Step 7 project files) worldwide over the past year. ]]>

Facebook Comments

Latest Posts

Archives