Stuxnet Archives -

Stuxnet

Are your USB flash drives an infectious malware delivery system?

USB flash drives continue to present a serious challenge to information security, for consumers and companies alike. You will be aware of this if you read our recent article on the Win32/Pronny worm, just one example of a piece of malicious software that is “in the wild” and actively seeking to spread via USB flash

Interconnection of Gauss with Stuxnet, Duqu & Flame

Last week, reports of a new malware named Gauss emerged, a complex threat that has attracted a lot of media attention due to its links to Stuxnet and Flame and its geographical distribution.  Since ESET has added detection for this threat, we are seeing geographical distribution of detection reports similar to those detailed by Kaspersky.

Stuxnet, Flamer, Flame, Whatever Name: There's just no good malware

A week ago the big malware news was the code known as Flame, Flamer, or sKyWIper (detected by ESET as Win32/Flamer.A), then on June 1, this news broke: "A damaging cyberattack against Iran’s nuclear program was the work of U.S. and Israeli experts and proceeded under the secret orders of President Obama." (Washington Post)  Clearly,

Win32/Duqu: It’s A Date

For the last few days, much malware research time has been devoted to the brand-new malware that ESET calls Win32/Duqu. One of the features that makes this kind of malware particularly interesting is that it very closely resembles Stuxnet, one of the most sophisticated worms of recent years. Last year we performed in-depth analysis of

Stuxnet and the DHS

In fact, the real interest of the document lies in the extensive overview (12 closely-typed pages without graphics and such) of the DHS view of its own cybersecurity mission.

Stuxnet: Wired but Unplugged

I've stopped maintaining Stuxnet resource pages recently, but occasionally I come across an article that adds something useful to the mix, or simply summarizes aspects of the Stuxnet story neatly and accurately. Besides, its authors must be feeling a little left out with all that fuss about TDL4. ;-) A recent report in Wired gives

Real War – The Next Cyber Frontier

Cyber Security pundits have been keenly watching the development of nascent state targeted attacks such as the Stuxnet worm with interest for some time and warning of the possible implications, but now it’s official. According to The Wall Street Journal, “The Pentagon’s first formal cyber strategy, unclassified portions of which are expected to become public

The Stuxnet Train Rolls On…

… albeit more slowly than previously. Added to the resources page at http://blog.eset.com/2011/01/23/stuxnet-information-and-resources-3 today: A nice article by Mark Russinovich on Analyzing a Stuxnet Infection with the Sysinternals Tools, Part 1. Though I don't think Stuxnet is universally acknowledged as the most sophisticated malware ever. See, for instance, http://gcn.com/articles/2011/01/18/black-hat-stuxnet-not-superworm.aspx. (Hat tip to Security Garden for the pointer.)

Stuxnet, SCADA and malware

Kelly Jackson Higgins in a Dark Reading article tells us that Malware Attacks Decline In SCADA, Industrial Control Systems, quoting a report published by the Security Incidents Organization drawing on its Repository of Industrial Security Incidents (RISI) database. One aspect that’s attracted attention on specialist lists is the mention of a large US power company

Langner, Stuxnet, US and Israel.

Added to the Stuxnet resources page at http://blog.eset.com/2011/01/23/stuxnet-information-and-resources-3 on 4th March 2011: Ralph Langner at the TED Conference, as summarized by the BBC: US and Israel were behind Stuxnet claims researcher. As previously mentioned at http://blog.eset.com/2011/03/03/nice-stuxnet-commentary-and-hype-deflation. (Hat tip to Mikko Hypponen. Again!) David Harley CITP FBCS CISSP ESET Senior Research Fellow

More on Stuxnet

A few more developments in the Never-Ending Story: Michael Joseph Gross on A Declaration of Cyber War in Vanity Fair. Despite a somewhat breathless tone in the introduction – "the world’s top software-security experts were panicked by the discovery of a drone-like computer virus" (where's my Valium?!) – actually a comprehensive and largely accurate account. It