Bekker's Blog

Blog archive

The Curious Case of Stuxnet Gets Curiouser

The case surrounding Stuxnet, which some security and intelligence specialists are calling the first known precision malware weapon designed to bring down a specific real-world industrial facility, is getting curiouser.

As researchers untangled the encryption and complex code base, suspicion has grown that Stuxnet was created by U.S. or Israeli intelligence in order to disrupt a specific Iranian nuclear facility. (RCP unpacked Stuxnet's nasty implications for the Microsoft channel in a blog post earlier this week. The worm uses four zero-day Windows vulnerabilities as part of its attack.)

A front-page article in The New York Times today moves the story forward with news that the text string "Myrtus," found within the Stuxnet code, is at the center of much of the debate about who might be behind Stuxnet's development.

According to the Times: "Myrtus is an allusion to the Hebrew word for Esther. The Book of Esther tells the story of a Persian plot against the Jews, who attacked their enemies pre-emptively."

The debate, according to the newspaper, currently centers on whether an Esther reference is the correct interpretation of the Stuxnet code string, and if so, whether it represents a smoking gun or a red herring. This case is as subtle and fascinating as a John Le Carre novel.

Posted by Scott Bekker on September 30, 2010 at 11:58 AM