Stuxnet 0.5: The missing link

Fuseworks Media

Symantec Security Response has discovered new intelligence on the earliest known version of Stuxnet.

In operation as early as 2007, this newly uncovered version featured an entirely different attack mechanism from that of its successors.

Rather than affecting the speed of uranium enrichment centrifuges, Stuxnet 0.5 was designed to close crucial valves that feed uranium hexafluoride gas into the centrifuges, causing serious damage to the centrifuges and the uranium enrichment system as a whole.

In addition, hints in this early version indicate work on the Stuxnet project could date back to 2005 or earlier.

Stuxnet, one of the most sophisticated pieces of malware ever written, was discovered in July 2010. This complex malware took many months to analyse and the eventual payload significantly raised the bar in terms of cyber threat capability. Stuxnet proved that malicious programmes executing in the cyber world could successfully impact critical national infrastructure. The earliest known variant of Stuxnet was version 1.001 created in 2009. That is, until now.

Key discoveries made while analysing Stuxnet 0.5:

- Oldest variant of Stuxnet ever found

- Built using the Flamer platform

- Spreads by infecting Step 7 projects, including those on USB keys

- Stops spreading on July 4, 2009

- Does not contain any Microsoft exploits

- Has a full working payload against Siemens 417 PLCs that was incomplete in Stuxnet 1.x versions

As with version 1.x, Stuxnet 0.5 is a complicated and sophisticated piece of malware requiring a similar level of skill and effort to produce.

Despite the age of the threat and its kill date, Symantec sensors have still detected a small number of dormant infections (Stuxnet 0.5 files found within Step 7 project files) worldwide over the past year.
