Hackers have unleashed a decrypted version of the mysterious Stuxnet cyberworm onto the internet, according to a report on Fox News.
A shadowy collective of hacktivists known as “Anonymous,” recently tweeted that the group has in thier posession the source code to the super cyberweapon that has wrecked havoc on Iranian nuclear facilities. The tweet included a link to a “decompile” of the infamous worm. Anonymous claims to have found the code when they hacked into databases at HBGary, a U.S. security firm investigating the identities of the group’s members.
Initially discovered back in July, Stuxnet is designed specifically to attack certain industrial computers with such a high degree of sophistication that cybersecurity experts have speculated that a government agency was likely involved in its creation. An analysis of the manner in which stuxnet infected computers over a 10-month period showed that the worm repeatedly targeted five industrial facilities in Iran. And The New York Times has recently uncovered some evidence that suggests scientists at the Idaho National Laboratory collaborated with the Isrealis to create what many proclaim to be the ultimate cyberweapon.
What happens next is anybody’s guess. A security expert Fox News interviewed for the story warns that the published information can be used to the create malware that inflicts the same kind of damage to other types of computers.
“There is the real potential that others will build on what is being released,” Michael Gregg, chief operating officer of cybersecurity firm Superior Solutions, told FoxNews.com. Gregg was quick to clarify that the group hasn’t released the Stuxnet worm itself, but rather a decrypted version of it HBGary had been studying — which could act almost like a building block for cybercrooks.
“As an attacker you need to understand how something works. The better you understand how it works the easier it is to build something similar that servers the same purpose,” Gregg explained. The “decompiled” code the group made available is in that sense akin to a recipe book for disaster, he said.
“With the right tools — and these guys have shown themselves more than once to be a fairly technical bunch of individuals — then it gives others a cookbook to start modifying,” he told FoxNews.com.
Other experts, however, are reassuring the public that they should’nt hit the panic button — at least not yet. The stolen code, as revealed on the internet, is merely a translated version, not the “binary” source code neccesary to duplicate stuxnet destructive capabilties.
Snorre Fagerland, a senior threat researcher at the Norwegian internet security firm Norman, told the Guardian:
“The trouble with this [version of Stuxnet] is that you lose almost all context to its abilities,” Fagerland said. “The original source code would contain all the text information about why it’s built this way – that’s gold if you want to use it. If you decompile it you lose all of that.”
Though the prospect of criminals harnessing the worm’s destructive capabilities to cripple ordinary computers is worrisome, such a scenario has yet to materialize. The only bonafide cyberweapon the hacktivists are wielding thus far is the ability to spread fear.
Related on SmartPlanet: