
Sooo...apparently The US And Israel Made Stuxnet...


bwall


http://arstechnica.com/tech-policy/2012/06/confirmed-us-israel-created-stuxnet-lost-control-of-it/

To be honest, I'm happy. I thought it was the Russians trying to push the Iranians to increase tension with Israel so the Cold War could restart/continue.


I'm not seeing any proof or confirmation that the US/Israel made it. They just claim it's detailed in some upcoming book. This could be Ars just being Ars again (sensationalistic and overdramatic)...

telot


True. Also seems like an interesting piece of info to be released as Anon is ripping itself apart. I've been watching stuff that's been trending on pastebin, and it's getting ugly lol.

Edit: But on the other hand...

http://topics.nytimes.com/top/reference/timestopics/subjects/c/computer_malware/stuxnet/index.html

Edited by bwall

It was mentioned over a year ago that this was a joint effort from the US and Israel, but no one has officially stepped up and said yes, they did it. I don't doubt it though. Countries engage in this sort of thing on a daily basis. It's only when they get caught or publicly exposed that it ever comes to light. IE: NSA's private room at AT&T for wiretaps on US citizens. Until a whistleblower comes forward or someone discovers the origins, it's hard to say with certainty who or what is going on these days.


http://cyberarms.wordpress.com/2012/06/01/officials-confirm-stuxnet-was-a-us-israel-creation/

Elections very close....not optimistic for the future...not at all...

The only thing that confirms to me is that bloggers and the media know how to keep the FUD moving.


  • 3 weeks later...

http://www.grc.com/securitynow.htm Episode 355 and 357. Stuxnet seems to be written by the same authors as the newly found Flame virus; it's also thought to be a module for Flame. This thing is sick, and the amount of effort put into this had to be governmental and probably part of the 'Olympic Games'

http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?pagewanted=all . The Flame virus was originally thought to be written by a different group than Stuxnet ( http://www.crysys.hu/skywiper/skywiper.pdf Was first called skywiper by CrySyS, but a module in the reverse engineering process found a module called flame, therefore the new name.) but is now looking like it's from the same author(s): http://www.forbes.com/sites/kenrapoza/2012/06/11/kaspersky-lab-same-countries-behind-stuxnet-and-flame-malware/ . I've been following this for the last week and it's really, really interesting. I'd listen to those 2 episodes of that podcast if you want to know more about how it works.

There's still no proof that this was done by the US or Israel. I just find the technology behind it incredibly interesting. Makes me want to go into malware analysis lol.

Edited by soka80

There are only speculations, but the evidence isn't that solid. They still don't know who's really behind all these events. I've also read that the US President Barack Obama is behind all these cyber-attacks. One thing for sure is that these authors are certainly sponsored by the government.

First was Stuxnet, then Duqu, now Flame. What next? I think there is more to come.


Especially since there were several zero-days involved in Flame, one that involved getting the code signed by Microsoft, and Flame exploits the Windows Update system with that and updates the malware within that. Several hours after it was first reported it removed all traces of itself from the hard drives and then wrote over that space to ensure there wouldn't be any forensic evidence. And all the data sent to and from the CC servers was encrypted several different ways. I'd love to see the source code of this; Kaspersky stated that it would probably take 10 years to reverse engineer the whole thing.


Flame is certainly one of the most sophisticated worms ever created to date. The thing that fascinates me about this worm is not the complexity of it; it's the actual size of the worm: 20MB. No other worm has ever been this big in size.

The Flame authors must be really proud of themselves for creating such a highly advanced worm.


There's tons of viri out there that delete its traces or will uninstall itself if it detects a debugger running. Why does that have to come from a government? I'm new in the game, but from what I've read that's an old trick. The wiki article says it infected 1000 machines. I bet there are people on this board who have pwned more boxes than that with a single method.

Kaspersky does make one of the better antiviruses, but after seeing their interviews and meeting one of them face to face I lost a lot of respect. They're like Russian cheerleaders for viri.

Edited by bobbyb1980

Well, that's basic, yes, but the update system, crypto, and rootkits in it are all new technology, not the ideas themselves but how they were implemented. The code dates back to 2007, and Stuxnet and Duqu were just "modules" to the Flame worm. The worm itself supports everything imaginable. It's pretty much its own OS running in the background. I'm not entirely sure on how the code signing worked, but if you listen to those links I posted, the developers had to go to incredible lengths to crack the crypto for the code signing. Flame is the most advanced worm to ever exist, and who knows what else it did and was capable of. 1000 machines were specifically targeted; it had a specific job. The Iranian government was infected with this thing for 5 years and was undetected; that's an incredible accomplishment.


Apart from generating the MD5 collision attack, they also had to predict completely the certificate content that would've been signed by the CA. Which had to be identical, in order for the certificate to be valid.

http://blogs.technet.com/b/srd/archive/2012/06/06/more-information-about-the-digital-certificates-used-to-sign-the-flame-malware.aspx
