kristoffersantiago

brainXploit2: The world's first digital weapon


gaurbh

The very popular "STUXNET" worm :D

It was said to be developed by American and Israeli intelligence agencies to affect Iran's Natanz nuclear plant.
Stuxnet was designed to infect Siemens appliances. The centrifuges in Iran's nuclear plant were manufactured by Siemens.
When a uranium sample was inserted into a Stuxnet-infected centrifuge for refinement, the virus would command the machine to spin faster than it was designed for, then suddenly stop; the strain from the excessive speeds caused infected machines to disintegrate.
It is estimated that the Stuxnet worm destroyed 984 uranium-enriching centrifuges.

 

  • Like 1

caneacsu

Well... that's Stuxnet :)

A little background information. So Iran began investing a lot in its nuclear program. Numerous nations were nervous about this but nothing major really happened until they declared that the "source of corruption has to be wiped off the face of the Earth". In that quote they refer to Israel. That's the moment when Israel decided they needed to take action, and the first plan was to bomb Iran's nuclear power plants. Of course, this could lead to an all-out war and the US didn't approve it. Both countries agreed that Iran's nuclear program had to be stopped but a clever solution was needed. This is the moment that Stuxnet started as an idea.

The whole operation was a multinational, multi-agency cooperation. It involved the NSA, CIA, US Cyber Command, intelligence on Iran from Britain's GCHQ and Israeli Unit 8200. Stuxnet was designed to be a malware with the sole purpose of sabotaging Iran's Natanz nuclear power plant. The coding was done mainly by the NSA and Unit 8200. Unit 8200 was (maybe still is?!) the biggest military unit in Israel. Stuxnet is considered the biggest computer virus to date. It was first detected in Belarus on June 17th 2010. Its name comes from two strings discovered while analyzing the binary, "Stub" and "xnet". It's about 20 times bigger than the average virus and has no bugs, which almost never happens with malicious code. At the moment of discovery, Stuxnet was packed with 4 zero-day exploits as delivery mechanisms and had installed a valid digital certificate. The certificate was stolen from two unrelated companies in Taiwan with the only connection of being in the same business park. Stuxnet was targeting Siemens PLCs connected to very specific frequency converters from two manufacturers, one of which was in Iran. Those frequency converters were export controlled by the nuclear regulatory commission. The code had a kill date, a cut-off date, on January 11th 2009, a few days before Obama's inauguration (January 20th 2009). It was later reauthorized by the Obama administration. Stuxnet was specifically designed to target 6 groups of 164 centrifuges, this layout being accidentally confirmed by pictures from inside the Natanz power plant released by Iran itself. Once at its target destination the virus would wait 13 days, the exact amount of time to fill an entire cascade of centrifuges with uranium. During this time it would record all the normal activities. It then would perform two attacks: the first one was increasing the rotors' speed from 1000 Hertz to 1400 Hertz, shattering the metal; the second one was lowering the speed to 2 Hertz, making them fall apart.
During the attacks the virus would relay back to the monitoring stations all the normal activities it recorded previously, to avoid being suspicious. The Stuxnet code keeps a log of all the infected machines in its path. After analyzing multiple samples it was possible to trace back the infection to the first 5 infections, all inside organizations involved with ICS, all in Iran and with ties to the Natanz plant. The discovered sample had inside it configuration information, revealing its version number, 1.1. This led to multiple searches and led to the discovery that the first ever surfaced sample of Stuxnet had the version 0.5. Stuxnet was originally designed to be very stealthy. The last version, 1.1, was the most aggressive and because of this it was discovered. Stuxnet was the name given by the virus researchers. Its original name inside the NSA is Olympic Games (OG). Olympic Games was just a side plan, part of a much bigger operation, called Nitro Zeus. Nitro Zeus was the operation developed in the case of an all-out war with Iran. It infiltrated command and control systems, military air defense systems, power grid, transportation, communications, financial systems, basically all of Iran's infrastructure.

I strongly recommend anyone with interest in information security, actually just interest in computers ... uhm, no, scratch that, everybody should watch the documentary movie Zero Days. It's a documentary about Stuxnet with a lot more details and it's an eye opener to the possibilities (or threats) offered by the modern age.

In conclusion, cyber is the 4th dimension of war and Stuxnet just laid the foundation for something that could become very destructive, think a modified version of Judgment Day :)

I wish you all a good and productive day!

  • Like 2
