[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Stuxnet may have up to 4 malware siblings made on the same
From: InfoSec News <alerts () infosecnews ! org>
Date: 2011-12-30 9:57:25
Message-ID: alpine.DEB.2.02.1112300357080.21696 () infosecnews ! org
[Download RAW message or body]
http://venturebeat.com/2011/12/29/stuxnet-siblings/
By Meghan Kelly
VentureBeat
December 29, 2011
Stuxnet has been called the most sophisticated computer worm ever
created. We know there are siblings to the malware which took down
Iran's nuclear centrifuges, but now Kaspersky labs is saying there may
be up to four other worms in the family tree.
In 2010, Stuxnet infiltrated Iran's nuclear program. The highly capable
malware targets an industrial control system called SCADA, which
operates as a management tool for commercial grade software and
hardware. It shut down the equipment responsible for creating fuel for
nuclear weapons, which Iranian president Mahmoud Ahmadinejad later
admitted. In 2011, the Duqu virus was discovered and named as part of
the Stuxnet family of malware, bringing the count up to two highly
sophisticated worms.
According to a report by Reuters, Russian security company Kaspersky
Labs has identified three others. When originally found, Kaspersky said
Stuxnet was so mature it could have been made by an intelligence agency.
Later, the United States and Israel were both blamed for its creation
and eventual dispersal. Neither country has taken responsibility.
Though we don't know what lab the worms originated from, the same one
gave birth to both Stuxnet and Duqu as well as the three siblings.
Kaspersky discovered this after observing the two virus' attempt to find
the other three. Costin Raiu, the firm's director of global research and
analysis, explained that when the two are deployed, they search for
registry keys that allow them to fully install their malware. When
searching for those keys, however, Kaspersky found Stuxnet and Duqu were
both searching for three other keys. This means that the worms have
siblings that work in tandem with it, strengthening its damaging power.
[...]
_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic