Security researchers revealed that there is at least one reference in the code of the notorious Stuxnet worm that would suggest a connection with Israel.The Stuxnet malware, which has been built for industrial espionage and/or sabotage, is already viewed as the most sophisticated malware ever created.
The worm was discovered in July and is capable of stealing information from Siemens SCADA systems, which are used in many of the world's power plans, oil and gas refineries or factories.
It is also capable of writing hidden code to the PLCs (programmable logic controllers) used by SCADA systems, which means it can potentiall sabotage critical installations.
Due to its never-before-seen sophistication, the worm is most certainly the work of a specialized team of programmers and not amateur hackers.
Since Iran was one of the most affected countries, some people have speculated that Stuxnet is the creation of a nation-state, with US and Israel as likely candidates, that targeted the country's Bushehr nuclear power plant.
Symantec's malware researcher Liam O Murchu, who was actively involved in researching Stuxnet, held a presentation about the threat at the VB2010 conference in Vancouver yesterday.
O Murchu disclosed that there is a "05091979" marker in the code, which might reference the date of May 9, 1979, when Habib Elghanian, the president of the Tehran Jewish Society, was executed by the newly installed Islamic regime in Iran.
The event was strongly criticized by the Western countries at the time and his execution marked the beginning of the exodus of the Iranian Jewish community.
While this might seem to suggest that Israel could be involved, or at least that Iran was the primary target of the attack, the researcher advises caution in drawing such conclusions.
He points out that the reference might just as well have been placed there by the code writers to mislead or to intentionally implicate Israel.
There was also a separate Stuxnet-related presentation at the conference in which researchers from Kaspersky, Symantec and Microsoft, jointly discussed the four zero-day Windows vulnerabilities exploited by the worm.
Update: Corrected the referenced year from 1975 to 1979.
Find us on Google+
No user comments yet.
Be the first to express your opinion!
