Your Source for Leaks Around the World!

Stuxnet Origins: US Targeted Iran’s Nuclear Research Facility Before Its Erection

In Archive, Hacking, Malware, Stuxnet on February 27, 2013 at 8:50 AM

02/27/2013

The first potentially explosive cyber-weapon used to attack Iran’s nuclear research infrastructure was developed before Iran even started enriching uranium at the Natanz facility, researchers at the security company Symantec have discovered.

The dormant computer virus that was behind an attack on Iran’s nuclear program as early as 2005 still threatens computers worldwide, mainly in Iran and the United States, Symantec’s new report suggests.

The anti-virus giant, on Tuesday, claimed that a team of specialists has discovered a version of the Stuxnet computer virus that was used against Tehran in November 2007, two years earlier than previously assumed.

The threat, Stuxnet version 1.001, which the company helped to uncover in July 2010, “one of the most sophisticated pieces of malware ever written” is now believed to have had an impact on the critical national infrastructure of nation states.

When the virus originally surfaced, it was alleged that Washington and Tel Aviv used it to attack an Iranian nuclear plant at Natanz.

But the latest analysis by the Symantec Security Response has revealed that an earlier version of 1.001, Stuxnet 0.5 was in operation between 2007 and 2009 with the possibility of even earlier variants going back to  2005.

Yet eight years ago Iran was in the process of building its uranium enrichment facility, said Symantec researcher Liam O’Murchu, as the plant became operational in 2007.

“It is really mind-blowing that they were thinking about creating a project like that in 2005,” O’Murchu told Reuters ahead of the report’s release at the RSA security conference in San Francisco.

Stuxnet Symantec Graph

Stuxnet 0.5 Attack Strategy

All versions of Stuxnet have allegedly been used to change the speeds of around 1,000 gas-spinning centrifuges without being detected, thus sabotaging the research process of Iranian scientists. Such manipulation, say some experts, could potentially lead to an explosion.

Symantic said that the new variant is the oldest version of Stuxnet found and is spread by “infecting Step 7 projects including USB keys.”

It also has a kill date which stopped it from spreading on July 4, 2009.

“The 0.5 version was a mixture of sabotage and espionage – affecting the valves and reporting back,” Sian John, Symantec’s director of security strategy for UK and Ireland Enterprise was quoted by The Guardian as saying. “This really goes to show that with the right impact and amount of research, these groups can create very targeted attacks.”

The security company also detected a number of dormant infections worldwide over the past year. Out of a small number discovered, 47 per cent were found in Iran while 21 per cent were in the US.

Stuxnet Infections

Via RT

  1. […] to the NSA and its Five Eyes alliance based on a number of indicators. They include programs like Stuxnet, used to attack the Iranian nuclear program. Or Regin, a powerful spyware trojan that created a […]

  2. […] to participants in the program.” As part of that plan, the U.S. and Israel jointly unleashed the Stuxnet virus on Iranian nuclear facilities, but a programming error “allowed it to escape Iran’s Natanz plant and sent it around the world […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: