
Stuxnet

Posted: May 28th, 2011, 4:08 pm
by Klinc
What a cool piece of malware. Wonder if Mac users are still going on that Macs are safe. A rootkit on an industrial system PLC that can sabotage it, WTF lol, they could bomb your BIOS like that

RE: Stuxnet

Posted: May 28th, 2011, 5:28 pm
by shovenose
Well, actually, Mac viruses are starting to be created!

RE: Stuxnet

Posted: May 28th, 2011, 6:53 pm
by Klinc
Read this
http://www.symantec.com/content/en/us/e ... ossier.pdf

That's the MF of all malware ever created. It was designed to sabotage a nuclear power station. It's the world's first rootkit on PLC systems. Please don't tell me you never heard of it. They can blow up things via malware now lol they
Stuxnet blew up a gas pipeline in Russia

These are some bits and pieces from other sources about it

"I'd call it groundbreaking," said Roel Schouwenberg, a senior antivirus researcher at Kaspersky Lab. By comparison, other notable attacks, like the one dubbed "Aurora" that hacked Google's network, and those of dozens of other major companies, was child's play.

Unbeknownst to Microsoft, it had plugged just one of four zero-day vulnerabilities that Stuxnet used to gain access to a company's network, then seek out and infect the specific machines that managed SCADA systems controlled by software from German electronics giant Siemens.

With a sample of Stuxnet in hand, researchers at both Kaspersky and Symantec went to work, digging deep in its code in an attempt to learn how it ticked.
What the two companies independently found was attack code that targeted three more unpatched Windows bugs.
"Within a week, a week-and-a-half [of news of Stuxnet], we discovered the print spooler bug," said Schouwenberg. "Then we found one of the EoP (elevation of privilege) bugs." Microsoft researchers discovered a second EoP flaw, Schouwenberg said.
Working independently, Symantec researchers found the print spooler bug and two EoP vulnerabilities in August.
Both firms reported their findings to Microsoft, which patched the print spooler vulnerability [8] on Tuesday, and said it would address the less-dangerous EoP bugs in a future security update.
"Using four zero-days, that's really, really crazy," said O Murchu. "We've never seen that before."
Neither has Kaspersky, Schouwenberg echoed.
But the Stuxnet wonders didn't stop there. The worm also exploited a Windows bug patched in 2008 with Microsoft's MS08-067 update. That bug was the same vulnerability used to devastating effect by the notorious Conficker worm [9] in late 2008 and early 2009 to infect millions of machines.
Once within a network -- initially delivered via an infected USB device -- Stuxnet used the EoP vulnerabilities to gain administrative access to other PCs, sought out systems running the WinCC and PCS 7 SCADA management programs, hijacked them by exploiting either the print spooler or MS08-067 bugs, then tried the default Siemens passwords to commandeer the SCADA software.
They could then reprogram the so-called PLC (programmable logic control) software to give machinery new instructions.
On top of all that, the attack code seemed legitimate because the people behind Stuxnet had stolen at least two signed digital certificates.

RE: Stuxnet

Posted: June 3rd, 2011, 7:36 am
by Morsec0de
Never heard of it. Might look into it though since a friend of mine has a Mac, and he takes me for granted in keeping his Mac secure. I'm a computer guru, apparently, although I've never heard of Stuxnet.

Re: Stuxnet

Posted: November 17th, 2011, 6:53 am
by Klinc
Yeah, but they are created in such a way that if you don't have the Step 7 software on your PC like the power plants use, then it deletes itself. So the avg end user is safe.