Kaspersky Lab's analysis of the most serious virus threats of 201 has put Stuxnet as the most dangerous.
According to Kaspersky, Stuxnet was the most complex piece of malware in cybercriminals' arsenal to date.
Kaspersky said that an analysis of the worm found that it was designed to change the logic within programmable logic controllers (PLCs) embedded into inverters which are used to control the rotation speed of electric motors. These PLCs operate with very high speed motors that have limited applications, such as those in centrifuges.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
"The epidemic also marked the beginning of the era of attacks on industrial targets. The worm is unique in that it uses as many as four zero-day Windows vulnerabilities at the same time in order to infiltrate victim computers, and has a rootkit component signed with certificates stolen from integrated circuit manufacturers, Realtek Semiconductors and JMicron."
The Kaspersky report noted that cybercriminals may have bought these files from insiders or stolen them using a backdoor or some other similar piece of malware.
Legitimate signatures are one of the reasons that Stuxnet successfully escaped detection by antivirus programs for quite a long time. Malware signed by valid certificates can easily circumvent even the modern protection mechanisms built into Windows 7, the report warned. Thus, when a signed malicious driver or an ActiveX component is installed on a system, no warning window appears
"Judging by what we are seeing today, the problem of stolen certificates may become even more significant in 2011," according to Kaspersky Lab's Yury Namestnikov, author of the report 'IT Threat Evolution for Q3-2010'.