Entries with tag stuxnet.

Security Researcher: First Stuxnet Version Was More Dangerous

A newly released analysis of the Stuxnet worm—which has been called the first cyberweapon—contends it has a forgotten sibling. Like the more famous Stuxnet version, the older, more complex malware was also built to disrupt the functioning of Iran’s uranium enrichment facility, said control-system security expert Ralph Langner, head of independent cyberdefense consultancy the Langner Group. It was designed to infect a controller to increase the operating pressure in the facility’s gas centrifuges to damaging levels that would ultimately erode the centrifuges. Langner said the malware “is about an order of magnitude more complex and stealthy [than the subsequent Stuxnet version]. It qualifies as a nightmare for those who understand industrial control system security. And strangely, this more sophisticated attack came first. The simpler, more familiar [version] followed years later.” He contends there was a “change in stakeholders” as Stuxnet was being developed. All indications point to the US National Security Agency as Stuxnet’s creator, Langner said. (SlashDot)(Help Net Security)(Foreign Policy)(“To Kill a Centrifuge: A Technical Analysis of What Stuxnet’s Creators Tried to Achieve,” Ralph Langner, The Langner Group, November 2013.”)

Researchers Discover Link between Flame, Stuxnet

Kaspersky Lab researchers claim they have found evidence showing the creators of the Stuxnet, Duqu, and Flame cyberweapons cooperated at least once. The researchers found a module known as Resource 207 that appears in the Stuxnet worm and is similar to code used in the Flame malware toolkit. The finding prompted researchers to rescind their previous assertion that the two attacks were unrelated. They also determined that Flame existed originally as a platform within Stuxnet as early as 2008. Alan Woodward, a security expert and University of Surrey professor , told the BBC that the findings are interesting but do not clearly indicate the party behind the attacks. “The fact that they shared source code further suggests that it wasn’t just someone copying or reusing one bit of Stuxnet or Flame that they had found in the wild, but rather those that wrote the code passed it over,” he said. “At the very least, it suggests there are two groups capable of building this type of codeFlame, Stuxnet, Kaspersky Lab, University of Surrey but they are somehow collaborating, albeit only in a minor way.” (BBC)(Securelist – Kaspersky Lab blog)

Showing 2 results.