View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
February 26, 2013

Researchers discover older version of Stuxnet virus dating back to 2007

Researchers revealed earlier variants of Stuxnet were in operation as early as 2005.

By CBR Staff Writer

Researchers at security firm, Symantec, have discovered an early version of the Stuxnet computer virus. The virus was used to attack Iran’s nuclear-enrichment facilities in Natanz in November 2007, two years earlier than it was initially thought.

Stuxnet, which is reportedly believed to have been developed by the US and Israel, was first discovered in 2010.

Stuxnet is a malware that infects computers through a control system targeted towards industries that control water supplies, oil rigs, and power plants.

Symantec said its researchers have uncovered a piece of software, dubbed Stuxnet 0.5, which was in operation between 2007 and 2009.

Researchers said earlier variants of Stuxnet were in operation as early as 2005.

According to the researchers, Stuxnet 0.5 was built using the Flamer platform and spreads by infecting Step 7 projects, including through USB keys.

Stuxnet 0.5 does not contain Microsoft exploits and has a full working payload against Siemens 417 programmable logic controllers (PLCs) that was incomplete in Stuxnet 1.x versions.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

Symantec said a few things changed between Stuxnet 0.5 and 1.001, with later versions increasing their spreading capability and use of vulnerabilities.

According to Symantec, the Flamer platform code was replaced with the Tilded platform code and later versions adopted an alternative attack strategy from uranium enrichment valve disruption to centrifuge speed modification.

Earlier this year, a US General said Iran has strengthened its cyber threat protection following the Stuxnet cyber attack in 2010.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.