Stuxnet 3.0 to be possibility released at MalCon?
Malware coders and security researchers are increasingly looking at MalCon malware convention to show-off their latest creations and research. We were pretty shocked to see in a twitter update today from MalCon, that one of the research paper submissions shortlisted is on possible features of Stuxnet 3.0.
While this may just be a discussion and not a release, it is interesting to note that the speaker Nima Bagheri presenting the paper is from IRAN.
For refreshing your memory, Stuxnet is a computer worm discovered in June 2010. It targets Siemens industrial software and equipment running Microsoft Windows.While it is not the first time that hackers have targeted industrial systems,it is the first discovered malware that spies on and subverts industrial systems, and the first to include a programmable logic controller (PLC) rootkit.
What is alarming is the recent discovery (On 1 September 2011) of a new worm - thought to be related to Stuxnet. The Laboratory of Cryptography and System Security (CrySyS) of the Budapest University of Technology and Economics analyzed the malware, naming the threat Duqu. Symantec, based on this report, continued the analysis of the threat, calling it "nearly identical to Stuxnet, but with a completely different purpose", and published a detailed technical paper.The main component used in Duqu is designed to capture information such as keystrokes and system information. The exfiltrated data may be used to enable a future Stuxnet-like attack.
The research paper abstract discusses rootkit features and the malware authors may likely show demonstration at MalCon with new research releated to hiding rootkits and advanced stuxnet like malwares.
Released or not, MalCon certainly leaves plently of room for imagination of the future with computing - and hope we don't get to live the Die Hard 4.0 someday.