Feb 13, 2011

Report: computer malware hit five sites in Iran

From a report in the New York Times:

The Stuxnet software worm repeatedly sought to infect five industrial facilities in Iran over a 10-month period, a new report says, in what could be a clue into how it might have infected the Iranian uranium enrichment complex at Natanz.

The report, released Friday by Symantic, the Norton antivirus publishers, said there were three waves of attacks.

The team was able to chart the path of the infection because of an unusual feature in Stuxnet that recorded information on the location and type of each computer it infected which allowed the authors of Stuxnet to know if they had successfully reached their intended target.

By taking samples of Stuxnet they had collected from various computers, the researchers were able to build a model of the spread of the infection. They determined that 12,000 infections could be traced back to just five initial infection points.

More here.