US firm finds new ´Stuxnet-related´ worm (JERUSALEM POST) By YAAKOV LAPPIN 03/27/12)
JERUSALEM POST Articles-Index-Top
Researchers at the US computer security firm Symantec say they have
obtained a new version of an Internet worm that has been linked to
the Stuxnet virus.
Stuxnet is the name of a computer virus that was detected in 2010,
which reportedly caused significant damage to Iran’s uranium
It targeted Siemens supervisory control and data acquisition (SCADA)
systems, used by Iran to enrich uranium through spinning centrifuges.
Foreign media reports speculated that Israel or the US, or both, were
behind the attack.
Five months ago, Symantec detected a computer worm, Duqu, which sends
back information on systems that would help attackers prepare a
Duqu “must either have been created by the same group that authored
Stuxnet, or by a group that somehow managed to obtain Stuxnet’s
source code,” Symantec said following the discovery.
Now, Symantec said, part of a new version of Duqu has been found.
Researchers at the firm said they came to possess a part of the worm
which causes it to load on a computer after it restarts.
“The compile date on the Duqu component is February 23, 2012, so this
new version has not been in the wild for very long,” a post on
Symantec’s blog said. “We can see the authors have changed just
enough enough of the threat to evade some security product detection.”
Last year, Symantec concluded that the mysterious authors behind
Stuxnet, described as the most sophisticated cyber weapon on the
planet, appear to be planning another strike, and have updated their
advanced spy program designed to search out weaknesses.
The Duqu worm was believed to have infected systems in countries from
Vietnam to France, including Iran.
In recent days, another cyber security company, Kaspersky Lab,
reported that Duqu had been written in “pure C,” an old programming
language “long since discarded by most programmers in favor of newer
versions,” ABC News reported.
Quoting Kaspersky researchers, ABC said that the old language was
used “to make sure that the worm could infect just about everything
it touched.” (© 1995-2011, The Jerusalem Post 03/27/12)
Return to Top
MATERIAL REPRODUCED FOR EDUCATIONAL PURPOSES ONLY