Archive for October, 2010
stuxnet
Posted by xiaokucha in Uncategorized on October 3, 2010
Some say the Stuxnet virus is targeted at Iran nuclear, but from chart below(from wikipedia http://en.wikipedia.org/wiki/Stuxnet), we can see that China has the most targets infected…
Country Infected Computers China 6,000,000 (October 1) Iran 30,000 Indonesia 13,336 India 6,552 United States 2,913 Australia 2,436 Britain 1,038 Malaysia 1,013 Pakistan 993 Germany 5 (September)
This reminds me of the malfunction of subway line 10 in Beijing on Sep 30th, the line 10 subway control system uses the Siemens system(I can see the big Siemens logo on the yellow subway device between the rails), here is an article about Stuxnet http://www.symantec.com/connect/zh-hans/blogs/stuxnet-1 from Livian Ge in Symantec.
According to the information on internet, Stuxnet should not be called a normal virus to us, ’cause it causes no damage to us(normal pc users), it uses C, C++ in Windows host(wrapper of .dll in Step 7 dev environment), and MC7(machine code injection) on target env, mainly to control and steal infomation from industrial programs in PLC used in Siemens devices(widely used in daily industrial infrastructures, like subway, power plant, etc.). It is so complicated and big(half megabyte), can also be updated via peer to peer, which means internet update is not used, it relies on usb drives to spread and update.
So who has the knowledge and energy to build such a “tool” and what is the purpose?