Malware Stuxnet had infected Russian nuclear power plant and space station
35 2013-11-12 by Ploxl
http://io9.com/stuxnet-has-infected-a-russian-nuclear-plant-and-the-sp-1462375259
What the hell, I completely missed the story about this virus. Apparently it can do a whole lot of evil and has now gone rogue.
Do you guys think there is anyone who can control this shit??
63 comments
8 Entry_Point 2013-11-12
This should be considered an offensive act of war. Israel must pay for its sabotage of other NATO nations. You can't justify any of their actions whatsoever. You attack someone, you best be prepared for the consequences.
6 Orangutan 2013-11-12
http://www.washingtonsblog.com/2013/11/america-and-israel-created-a-monster-computer-virus-which-now-threatens-nuclear-reactors-worldwide.html
5 euleausberlin 2013-11-12
http://en.wikipedia.org/wiki/Stuxnet#United_States
5 Entry_Point 2013-11-12
The US takes the blame frequently for Israeli crimes.
5 quantumcipher 2013-11-12
Appears to be a Mossad creation, possibly a Mossad-U.S. collab:
Confirmed: US and Israel created Stuxnet, lost control of it
Israeli Spies Want Credit for Stuxnet
'Israel tested Stuxnet virus on Dimona plant'
Israel tested Stuxnet worm, says report
Leaker Snowden says Israel, US created Stuxnet virus
Mossad's Miracle Weapon: Stuxnet Virus Opens New Era of Cyber War
Mossad: 'Stuxnet is our baby; Obama disclosed it for his reelection campaign'
Stuxnet Worm Crafted by U.S., Israel to Thwart Iran's Nuclear Program
Stuxnet was work of U.S. and Israeli experts, officials say
3 Ploxl 2013-11-12
Great man, thanks for the info.
-1 left_one 2013-11-12
The NYTimes leaked a US general taking credit for Stuxnet as a joint operation with the Israelis like 9 months ago.
I don't know who convinced you this is news. Stuxnet has been found all over the US for like 3 years now...
2 Ploxl 2013-11-12
As I am from Holland and didn't even join the Reddit community that long ago, I missed this, I guess. So the only one convincing me this is news is me.
Sorry for the inconvenience.
2 AnotherRabbleRouser 2013-11-12
The NSA's response to Snowden?
-5 Meister_Vargr 2013-11-12
Stuxnet was very precisely written to attack one specific nuclear testing site in Iran.
Unless you have an almost identical setup (a specific range of centrifuge counts, which have to be made by a specific manufacturer, etc.), it won't do anything.
8 Balthanos 2013-11-12
Stuxnet is based on a modular design. Do you understand what that means? I have a feeling you are just guessing on this one. The detailed analyses of Stuxnet and Flame available on the web will give you an idea of what I'm talking about. Try to find yourself an unbiased analysis from an actual whitehat consultant. Everyone was completely blown away by the complexity and virulence of the design.
5 FunkaTron_3001 2013-11-12
Stuxnet is nothing compared to badBIOS. I wouldn't be surprised if they were related somehow. Sounds like AI to me.
"Ruiu said he arrived at the theory about badBIOS's high-frequency networking capability after observing encrypted data packets being sent to and from an infected laptop that had no obvious network connection with—but was in close proximity to—another badBIOS-infected computer. The packets were transmitted even when the laptop had its Wi-Fi and Bluetooth cards removed. Ruiu also disconnected the machine's power cord so it ran only on battery to rule out the possibility that it was receiving signals over the electrical connection. Even then, forensic tools showed the packets continued to flow over the airgapped machine. Then, when Ruiu removed the internal speaker and microphone connected to the airgapped machine, the packets suddenly stopped."
3 Entry_Point 2013-11-12
badBIOS has not yet been caught in the wild. Regardless, it's scary as hell, physically preventing you from removing it. So much so that it disallows you from even booting to a live CD.
3 FunkaTron_3001 2013-11-12
Agreed. I think the really scary part is its ability to use the available parts of a machine (speakers, mics, etc.) to send packets to other devices to infect. Like some sorta crazy space AI virus. Sounds like you could put it on anything from a toaster to a VCR and it would find a way to use the system parts for communication to other electronic devices within range. Dang.
1 Ploxl 2013-11-12
Yeah, I read about this one last week and I really had to take a moment to ponder the implications of that. To be honest, it frightens me deeply.
These are some developments you hear almost nothing about. But I'm sure there is another Zionist agenda here...
3 [deleted] 2013-11-12
So you're saying it adapts and almost thinks for itself? Stuxnet? More like Skynet.
3 Balthanos 2013-11-12
No, I'm saying a person can remove and replace modules based upon the function they would like it to perform.
3 [deleted] 2013-11-12
I wish I knew more about that shit
1 left_one 2013-11-12
Yes, but at no point did they find payloads that targeted anything besides Iranian centrifuges. The virus is very effective at spreading itself, but its only actual malicious capability is to crash the centrifuge.
2 Balthanos 2013-11-12
Do you understand what the term "modular" means in this instance? It infers the ability to swap out and change systems based upon your target. I.e., it's made with interchangeable parts, so if you were done sabotaging a centrifuge you can then move on to taking out power grids or whatnot.
0 left_one 2013-11-12
I don't think you understand what the term modular means in this instance as most code is essentially modular.
Stuxnet has been captured and analyzed for years, and no such code was found. So I don't think you understand what modularity means in this context.
Shit dude, you are going to bother to suggest I don't know what modular means when you are using the word 'system' in such a useless fashion? What systems do you mean??? Stuxnet ALREADY contains the code to handle compromising a variety of different Windows systems used in SCADA; however, Stuxnet's final payload only contains code to break a certain centrifuge by compromising a certain piece of software. It does not contain code that remotely updates such payloads. So I think you should try and understand what the fuck modular means in this context before suggesting others do the same.
0 Meister_Vargr 2013-11-12
That's where I obtained my information.
3 Entry_Point 2013-11-12
As mentioned, the supervirus is modular. The copy caught in the wild was targeting an independent nation's peaceful nuclear power plants. Israel has no right or justification for attacking other nations. In the process, trying to pull the United States into doing Israel's bidding. All on our dime, and with our soldiers' sweat, torment, and blood.
-1 Meister_Vargr 2013-11-12
Firstly, I don't give a shit about Israel. They are utterly insignificant to me. Also, it's just as well that Stuxnet isn't on the ISS. There was some recent malware infection before they migrated to Linux, but it wasn't Stuxnet.
-1 left_one 2013-11-12
The virus is modular, but the only payload in Stuxnet targets Iranian centrifuges.
3 Entry_Point 2013-11-12
The captured Stuxnet. There are countless payloads that can be used. Hence infection of Russian resources. You apparently know little here.
0 left_one 2013-11-12
Actually, you don't know what you are talking about.
It infects any PC, but it only contains code to maliciously attack a certain centrifuge; the rest of the code is only used to ensure that it spreads as effectively as possible.
You might want to do more research before you suggest other people don't know what they are talking about. Stuxnet was found all over the world before it was known that it even targeted Iranian systems. So your point on it being discovered in Russia is entirely moot, as it's existed in Russia since its inception. In fact, the current theory on how Iran was infected was by a Russian consultant that was infected via a flash drive. So really, please do some fucking research!!!
1 SovereignMan 2013-11-12
If it only is designed to attack a certain centrifuge, then what would be the point in having it spread at all?
1 left_one 2013-11-12
Because how do you get a virus to attack a centrifuge that exists in one location that you can't access? You write a virus that spreads as wildly as possible. That's what Stuxnet does. However, the only time Stuxnet ever tries to do anything that isn't spreading is to attack the SCADA manager for the Siemens centrifuge.
Like, this information has been known for years at this point. It was widely known when Stuxnet was first discovered that it was a tool designed to spread widely and attack in a limited fashion. You have to spread a really wide net to catch the kind of fish the US and Israel were looking for. Stuxnet has been found all over the world for years; in every case it only ever tries to attack the Siemens SCADA system used for a specific centrifuge model.
Maybe a better approach for you to take is to demonstrate where in the publicly available code Stuxnet does anything besides benignly spread or attack the Siemens centrifuge.
No one said Stuxnet wasn't great at spreading itself; in fact, it's really fucking good at that. No analysis would deny such a fact. However, you won't find the code to update its most precious payload, or change the program's objective, as the code doesn't exist. No one is saying that you couldn't take Stuxnet and re-tool it with a more vicious payload; however, it wouldn't really be Stuxnet anymore. And it hasn't been seen. And what you do see is not what you say it is, so maybe you should do some more research or find something to discuss that you can comprehend.
0 SovereignMan 2013-11-12
...
Ah. So, it wasn't really a "certain centrifuge". It was a certain type of centrifuge. Understood.
3 Ferrofluid 2013-11-12
A certain type of controller, one that is probably an industry standard that other manufacturers clone.
1 Ploxl 2013-11-12
^ this. End of this discussion
1 left_one 2013-11-12
Well, more or less the same thing, as it was a certain type of centrifuge known only to be in use in Iran due to its excessive age.
By the way, that's how you spell siemens, so you should take your attitude somewhere else.
1 arynx 2013-11-12
I believe the "modular" point is that they could easily create different strains with different final payloads. So yes, the current captured one only targets a specific type of device. That could easily be modified and with the virulence of the worm itself, made to destroy just about anything with a vulnerability (meaning just about everything).
Sure the worm itself doesn't phone home/update payloads dynamically, but it would be rather easy to create a clone with a different task. That's the point here, the transport layer is done... it's trivial to change what the target is based on demand now.
1 left_one 2013-11-12
Yes, but that is a design consistent with most other viruses, and software in general. What differentiates Stuxnet from other viruses is that it's an incredibly elaborate way to break a centrifuge. Not that it's modular. Code is inherently modular; that's why they call portions of code 'modules'.
No one ever questioned if it would be easy to create a Stuxnet variant. Considering that you can download the code yourself, it's really not an impossible task. This is a significant difference from what people think, in that it's not something unique to Stuxnet at all. That's just how software works.
And, no, you can't change it 'on demand'. That's the whole point. You must create an entirely new variant and spread it again. That's significantly different from a virus that can acquire new payloads on the fly.
Look, if you want to learn about computer security, you should. Because your statement suggests you don't know anything about how Stuxnet actually works or how malware works in general. Stuxnet only contains vulnerabilities for Windows systems that could run SCADA software, so no OSX and no Linux, nor does it contain code to infect any of the embedded systems that exist. So to suggest it can 'destroy' just about 'anything' with a 'vulnerability' couldn't be a more inaccurate statement.
Even if it could infect systems besides Windows, the way it destroys the centrifuge is by modifying the computer-controlled parameters of the SCADA systems. So you can't just run a command on a Windows machine that would make it explode. You could possibly fuck with the battery in the laptop, but already, the battery is managed by its own operating system. And unlike plug-and-play general-use SCADA systems, your battery's OS is specifically designed so that it can't be made to explode via code. This isn't to suggest that it's not possible to try and still mess up a battery in a critical fashion, but that your battery doesn't offer the OS the option to 'dangerously overcharge' or 'increase rotational speed', like the SCADA system controlling the Iranian centrifuges does.
Your statement is entirely pointless, because yes, it's theoretically possible to write software that could compromise a given system; however, that has entirely nothing to do with Stuxnet. That was true before Stuxnet, and it's still true now. Stuxnet did nothing to change it. You are just sharing populous ignorance for how malware actually works.
0 Ploxl 2013-11-12
Also, I don't know if this might communicate with the outside?
Can't the virus be 'patched'?
1 Entry_Point 2013-11-12
I'm afraid you're wrong. Many other variants have been used to capture information and deliver differing payloads. Did you have a point?
0 left_one 2013-11-12
I'm afraid that you are going to have to back your assertion up, as it's entirely untrue.
Like, for example, you cite Russian infections, but the already existing Stuxnet has infected Russian PCs. Like in every other case of the Stuxnet virus, it would do nothing if it didn't discover a Siemens centrifuge. Stuxnet has been found all over the world.
You don't know what you are talking about.
1 Entry_Point 2013-11-12
Not worth arguing semantics with you at this point. The ego is strong with this one. The fact of the matter is that not everything is known about sn. The payload is modular and can technically vary. Similar logic and coding/scripting was used, and Iran was primarily targeted.
The scumbag fucks in Israel are responsible, and this was an act of war. If the rule of law was still in use, these worthless criminals would not be financially or militarily backed. They will get what is coming to them in due time. You get what you give, and through such cowardly actions, their credibility does not exist. I laugh every time they label someone as critical as racist and antisemitic, no one pays any mind. They did this to themselves and they deserve everything they get.
0 left_one 2013-11-12
This is bullshit without variants in the wild. Show them and prove your point. Show me an example of the Stuxnet core being used to 'gather information'. Show me an example of the Stuxnet core with a different lethal payload!
This has, not only nothing to do with my point, but nothing to do with your point either.
By the way, I'm pretty sure everything that is to be known about Stuxnet is known, as it's been widely decompiled and analyzed. They even figured out Israel developed it even though they never admitted to it! So really, please save your dramatics for someone more ignorant.
1 Entry_Point 2013-11-12
The payload and many components were encrypted. They suspected that a nation/state was responsible but had no proof. That is, until authorship was claimed. And Flame is an early iteration of Stuxnet. Seriously, do your research a little more in depth before claiming to be an expert on the subject. You're making yourself look foolish now.
0 left_one 2013-11-12
They've decompiled functions named in Hebrew, so once again, I don't think you know what you are talking about. Didn't you see the NYTimes report on an anonymous US general admitting it was a joint operation between the US and Israel?
The payload being encrypted doesn't matter when you can run the virus in a virtual environment and see exactly what it does anyway. I don't know where you get your information from, but how do you think security analysts determined it worked on Siemens centrifuges? By plugging in hardware that only exists in Iran?? Sure!
Yes, Flame is a precursor to Stuxnet? Your point being? You don't seem to get the fact that all code is modular and Stuxnet isn't some sort of meta ultra virus that's reprogrammable on the fly. You can compile your own virus based off of Stuxnet right now, so really, what the fuck is your point?? Malware authors don't because Stuxnet is widely known at this point and signatures against it have been developed for years.
Cybercriminals don't write software that spreads like Stuxnet because it's too obvious. It has nothing to do with Stuxnet being superior or superlative in any fashion relating to its design. You are suggesting that this virus has capabilities that it doesn't, and it's based off your total ignorance with regards to words like 'modularity'.
1 Entry_Point 2013-11-12
Unless I'm mistaken, it was not a US general claiming ownership, it was a piece of shit Israeli commander. Researchers can attempt to see what functions the code performs, but they cannot and did not decrypt the core payload. What did Einstein say again? And I'm paraphrasing here, but if you can't explain something succinctly, you don't understand it well enough. It's interesting to see your 'War and Peace' explanations here. Much of the codebase is similar. And using a Stuxnet variant to capture information is not only reasonable, but has been done. The cyber warfare here against civilian infrastructure is criminal and an act of war. Releasing this into the wild was a completely reckless act. Russia should seek damages. Or inflict damages. Either way, perfectly reasonable.
What are you trying to say about virus/worm authors being able to compile attacks based off the Stuxnet code? It doesn't work like that. To compile executable code, the source is required. You possess a very shallow understanding of how this works. Rootkits are becoming more and more common, and minor tweaks to the code are how authors temporarily get around identification. Again, though, back to debating semantics and wasting my time. Care to send me another ten-paragraph response riddled with technical errors, factual errors, and poorly used emphasis?
1 left_one 2013-11-12
If you run a virus in a virtual environment you can tell exactly what it does as it is interacting with your system. You control the processor, the memory, the system calls. You can fake responses to see how the program will react. To be honest, it's clear you don't know shit about malware.
In your own words it's not a variant, as it is a predecessor. You clearly don't know what you are talking about because all it is doing on Russia's systems is nothing. The virus spreads and looks for Siemens centrifuges, that's it. If you don't have a Siemens centrifuge it's not going to do anything to your computer. Regardless of what you don't understand about Flame, Stuxnet isn't what you claim it is. It doesn't change in the wild. Its release into the wild has nothing to do with Flame. They are different pieces of software based off a similar codebase. I'm not sure why you have to make dramatic suggestions about Stuxnet's nature when it is obvious that any organization developing weaponized code would source functions from a centralized codebase.
Do you know what a decompiler is? I'm serious now. It's nice that you are willing to explain to me how software development works, but you clearly don't know what the fuck you are talking about. There are a variety of ways to detect the various different types of malware; yes, signatures are one of them. I pointed out how useless signature-based detection is, so I'm not sure what you think your point is.
It's clear you can't tell a technical error from the shit you write.
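The sandbox approach left_one describes (you control the API answers, log what the sample asks for, and fake responses to reach the gated branch) as an added example in Python; this is not code from the thread and not Stuxnet. The sample, the API names, and the VENDOR_X/MODEL_Y fingerprint are all constructed stand-ins.

```python
"""Toy dynamic-analysis harness: a constructed target-gated sample asks the
host questions through an API layer the analyst controls; the harness logs
every question and fakes the answers until the gated branch shows up."""
from dataclasses import dataclass, field
from typing import Any, Dict, List, Tuple

# Constructed target fingerprint, standing in for "a specific controller
# made by a specific manufacturer". Not a real product identifier.
TARGET_PLC = {"vendor": "VENDOR_X", "model": "MODEL_Y"}

# Answers a cooperative target host would give (all constructed). The
# explorer hands these out one at a time, in the order the sample asks.
PERMISSIVE_ANSWERS: Dict[str, Any] = {
    "is_debugger_present": False,
    "os_family": "windows",
    "process_running": True,
    "enumerate_plc": dict(TARGET_PLC),
}


@dataclass
class Sandbox:
    """Analyst-controlled environment: every API call is logged and the
    answer comes from a table the analyst chose (hypothetical API names)."""
    answers: Dict[str, Any]
    trace: List[Tuple[str, tuple]] = field(default_factory=list)

    def call(self, api: str, *args: Any) -> Any:
        self.trace.append((api, args))
        return self.answers.get(api)  # a question with no faked answer -> None


def constructed_sample(sb: Sandbox) -> str:
    """Constructed stand-in for target-gated code (not real malware).

    It follows the pattern the thread argues about: run on any host, but
    only arm the payload when a specific software/controller combination
    is present. Every check is a question put to the sandbox."""
    if sb.call("is_debugger_present"):
        return "exit:debugger"                    # anti-analysis check
    if sb.call("os_family") != "windows":
        return "exit:unsupported_os"              # nothing to do here
    if not sb.call("process_running", "control_software.exe"):
        return "spread_only"                      # no control software
    if sb.call("enumerate_plc") != TARGET_PLC:
        return "spread_only"                      # wrong controller
    return "payload_armed"                        # the gated branch


def run_under_sandbox(answers: Dict[str, Any]) -> Tuple[str, List[Tuple[str, tuple]]]:
    """Run the sample once with the given faked answers; return (outcome, trace)."""
    sb = Sandbox(answers=dict(answers))
    return constructed_sample(sb), sb.trace


def explore(permissive: Dict[str, Any] = PERMISSIVE_ANSWERS) -> Tuple[List[str], Dict[str, Any]]:
    """Fake responses iteratively: after each run, take the last question the
    sample asked before giving up, answer it the way a real target would, and
    run again. Stops when the payload arms or no further answer helps."""
    answers: Dict[str, Any] = {}
    outcomes: List[str] = []
    while True:
        outcome, trace = run_under_sandbox(answers)
        outcomes.append(outcome)
        if outcome == "payload_armed":
            return outcomes, answers
        last_api = trace[-1][0]
        if last_api in answers or last_api not in permissive:
            return outcomes, answers              # nothing more to fake
        answers[last_api] = permissive[last_api]


if __name__ == "__main__":
    outcomes, faked = explore()
    print("outcome of each run:", outcomes)
    print("answers the analyst had to fake:", sorted(faked))
```

The trace is the useful artefact: it shows exactly which host properties the sample inspects before doing anything, which is what lets an analyst say what it targets without owning the hardware.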
0 Entry_Point 2013-11-12
You can see what the code is attempting to do, sure. But not everything. Checks were included in the code prior to full execution. Very large difference. Nor does the environment need to be virtualized. And what you're trying to argue is that even with the shared codebase, Stuxnet is incapable of snooping and logging? A decompiler does not function with encrypted components. You honestly feel the need to drag out semantics still? That tech support job must not be heavily utilizing your deep efforts here. /s
But back to the former statement, you obviously get off on page long responses. You're woefully incorrect, and no further time will be wasted. Come back when you have some valid points buddy. Then we'll chat.
0 left_one 2013-11-12
I'm arguing that Stuxnet doesn't do what you claim. Flat and simple.
The shared codebase is irrelevant; it was your point that Stuxnet and Flame are related and therefore must always be capable of the same thing at any given point. How do you know checks were included prior to the code? What sort of checks are you talking about? Malware analysts look for this stuff all the time; the US and Israel aren't the only entities that look for signs of a test-lab environment. However, you will find that the analysis of Stuxnet does not reveal such lengthy measures taken for an attack like you describe. Snooping tools are quiet; Stuxnet is the opposite of that. You use the best tool for the job, not the tool that you have because some asshole on the internet thinks it can do anything.
The idea that Stuxnet is a snooping tool just isn't there. You don't have the proof and all conventional analysis disagrees with you. You can decompile encrypted functions, as they must be decrypted in order to be used. This is why analysis must be undertaken with multiple techniques. Running the program in a controlled environment combined with technical deconstructive tools is the way to go. Do you think after all these years that analysts haven't noticed Stuxnet's outbound connections? They have, and none of them are consistent with the behaviors you assign to the program.
Sure, if you'd prefer to think I work in tech support, that's great. You are the one that takes two days to google what a decompiler does and otherwise argues nonsense points, like "it doesn't have to be a virtual environment". No one said it did; your response is nonsense. It's commonly done in a virtual environment because it's easy. It's certainly not the only way large firms analyzed the tool.
I think you are just really confused. But seeing as how you think Stuxnet is some sort of 'magical computer program that can do whatever it wants because the gubmint made it', you might be a little more than just confused.
0 Entry_Point 2013-11-12
"Flat and simple"...almost works in English. Hell, close enough. I know this will be a challenge for you to keep under a paragraph and by sticking to the facts, but do try. Good luck.
1 left_one 2013-11-12
You are pathetic!
1 Entry_Point 2013-11-12
Your first reply that isn't a novel. Nice.
1 left_one 2013-11-12
I'm glad you appreciated it!
1 Entry_Point 2013-11-12
P.S. You should be bolded. Not don't. Sorry for the hurt feelings and bruised childlike ego.
0 left_one 2013-11-12
No, it's definitely an emphasis on the lack of your knowledge, as opposed to you yourself.
I'm sorry that you find the need to argue things you entirely don't understand?
1 Entry_Point 2013-11-12
"I don't know how to use emphasis." -left_one 13 Nov 2013. Seriously, you're making a fool of yourself. All other points have been destroyed, yet still you cling. So sad that you feel it necessary. I can only make educated guesses as to why you behave in such a fashion. Very likely tied to events you didn't feel control over in your youth. Now you act out and throw up brick walls claiming to be right.
0 left_one 2013-11-12
I don't know what planet you live on, it's certainly not Earth.
Let me know when you figure out how Stuxnet works!
1 Entry_Point 2013-11-12
What planet I live on? Obviously one that knows how to properly use emphasis on Reddit.
*The above emphasis was not correctly used, and was utilized to prove a point. Your idiocy.
1 left_one 2013-11-12
Keep slipping down them slopes!
1 Entry_Point 2013-11-12
So when again are you going to have a point here? Hell, even just one.
0 left_one 2013-11-12
By the way, what info do you think Stuxnet 'captured'? Where did it report the info to?
0 Entry_Point 2013-11-12
It's a sibling "virus" that pulled and captured this data. Same authors and similar methodology and logic. The data was sent to ~100 worldwide command and control computers. Examples of the data captured: Skype conversations, sites visited/history, message board postings, the hot esoteric black granny midgeta porno that you're into, your amazon horse head mask, contacts lists via Bluetooth, frequency of contact, etc.
1 left_one 2013-11-12
Where is the link? How is the virus actually related to Stuxnet?
1 Entry_Point 2013-11-12
Here you are. Enjoy the read.
1 left_one 2013-11-12
That's not some sort of variant developed on the fly. It's a predecessor, even.
Stuxnet isn't an information-stealing tool. It's a virus designed to deliver a payload targeting a certain SCADA device. Obviously, like with any other piece of software, it's possible to select useful functions and use them in other bits of software. That's basically the heart of software development. So it's amusing that you've figured out that the code is related in that they are developed by the same people, but it doesn't support your suggestion that Stuxnet is some sort of meta-virus that can be retooled into anything to attack anything.