August 15, 2011

Stuxnet

Stuxnet (if you haven't heard) is a piece of malware.  But not a normal type of malware.

It doesn't infect someone's computer and spam them with porn, or steal passwords, or anything of that nature.  Stuxnet is much more ingenious.





You see, viruses, worms, trojan horses and other sorts of malware usually cause virtual damage to computers, networks, or servers.  And while some viruses can be pretty general as to who they attack, some are very specific -- infecting very few computers in order to perform a task and stay under the radar.  Stuxnet was the latter form of virus; but it didn't just cause virtual damage.  Stuxnet had but one aim: to sabotage Iran's uranium enrichment program and prevent President Mahmoud Ahmadinejad from building a nuclear weapon.

Now, if you don't understand why this is pretty fucking scary, let me put it this way: this virus was causing physical damage to equipment that dealt with uranium.

Mainly penis-like centrifuges (Source).

You see, Stuxnet was made to infect Programmable Logic Controllers (PLCs) which control the centrifuges that enrich uranium.  It would search for specific Siemens settings on the system, settings that tell it whether it has landed on one very specific PLC setup.

Now, that's pretty scary shit on its own; but, there's more.  In order to actually accomplish these goals, three separate zero-day exploits were used.  Normally, hackers will limit themselves to using one zero-day exploit in order to install a rootkit onto a system -- and for a very good reason.  The fewer exploits they use, the fewer exploits Microsoft or some anti-virus company gets to see and fix.  Simple, right?

That's why it's so surprising to see malware with not one or two, but three different zero-day exploits:


The Stuxnet exploits (Source).


Fuck whoever made this, seriously.  How do you even find three different zero-day exploits?  Honestly, this is how the majority of "hackers" work:

  1. Accidentally stumble upon an exploit.
  2. Write a virus that takes advantage of this exploit.
  3. Release the virus where it will most likely infect users who are vulnerable to this exploit.
  4. Sit back and drink Mountain Dew.

Finding three exploits that are applicable to this very specific task -- infecting PLCs that control centrifuges that enrich uranium -- seems impossible.  I mean, it would take a team of programmers with some sort of nation backing to pull this off.


Fuck that nation.

Wait, Ralph Langner theorizes that it's the "United States."




Uhh... shit.
