All your scada are belong to us
that's all
A member of Anonymous claims to have taken possession of code for the infamous Stuxnet virus. Topiary, an online activist affiliated with the 4-chan-spawned internet coalition, claimed on Twitter to have gained possession of the malware. He said: "Anonymous is now in possession of Stuxnet – problem, officer?" Anonymous claims …
Anonymous aren't proper terrorists, in the sense of guns and bombs. If they actually used this to attack power stations, etc., it would be the quickest way for them to find themselves either shot dead by armed police, "rendered" by the CIA, or languishing in jail. While the Internet offers some anonymity, it doesn't from the seriously motivated government agency. At the moment, Anonymous aren't enough of a threat to the US government for them to devote significant resources to tracking them down.
(And unlike that dude who did the social engineering stuff, the CIA wouldn't care if they scored the hacker or his girlfriend, it's close enough to get to the hacker; collateral damage is fine for them.)
Depending on your view, Anonymous can be either admirable for standing up for the public against tyranny or a bunch of jumped up skiddies. Most of the time I do think fair play, go after some of the untouchable big boys, by all means.
However, now they are starting to make themselves sound like a terrorist organisation, laying down subtle threats with a big helping of posturing. Any credibility they may have been building in some sectors will soon evaporate and they'll have no public support whatsoever.
Pipe down children and just go after the big boys as and when they take away your sweeties, or those of your friends. Don't go for the posturing when there really is no need.
binaries and disassemblies - anyone can disassemble the binary to get the assembler code, which when suitably inspected, understood, sensibly renamed and commented is "source".
I don't think anyone can put it backwards through a compiler and come up with plausible C source code - I doubt if it was written in anything other than x86 assembler anyway.
So, anonymous have a useable prototype malware.
If they, or anyone else had the "original source code" - then there would no longer be any need for speculation as to the source, right?
Wouldn't line one say "stuxnet, (c) 2008 CIA + Mossad" or something?
Zero day vulnerabilities are just that only until the antivirus vendors or other security analysts and systems vendors get copies and publish fixes. So apart from those running unpatched systems, yesterday's problem. From what I heard, Stuxnet only infected Windows PCs and the payload only affected certain kinds of Siemens controllers. Why this should be a threat to current industrial systems I can't imagine except for where control systems are operated and run by drooling idiots.
"Even if Anonymous had possession of the Stuxnet source code, it's doubtful they would be either able or motivated to do anything with it." ..... John Leyden.
Why so, John? Do you know who Anonymous are?
HBGary thought they did and touted their arrogance to the Federal government, pimping themselves as God's gift to cyber analysis and it cost them dear as this trip will show you ....... http://cryptome.org/
Script kiddies? Wow, now that's a Smart Stealthy Intelligent Disguise, if they aren't. And HBGary appear to champion wafflers/sub-prime phishers of ideas. Typical government wonks, in other words, and in fields way out of their depth and way above their pay grade.
Disassembled code can be just as useful and readable as higher level source code. An accomplished/seasoned coder would be able to make sense of it.
I remember disassembling Delphi code a few years back and found that the disassembler was able to reliably reproduce function headers and such although the actual code contained in the function was still reproduced in ASM.
Admittedly, your average script kiddie isn't likely to be able to extend the functionality of the disassembled binary.
"The highly complex code might be adapted to attack other industrial control systems, at least in theory, but that hardly fits with anything Anonymous has done in the past."
Of course, Anonymous didn't have highly complex code that might be adapted to attack industrial control systems until now. It's hard to predict what those high-spirited scamps will get up to next.
The complexity of Stuxnet partly lies in its ability to infect very different targets. In particular, its ability to infect the programmer message handler and get it to infect the PLC points to a knowledge (possibly reverse engineering) of the Siemens programming toolset and PLC. It's quite likely that the coders had access to the PLC hardware in order to reverse engineer it.
So getting Stuxnet to work on 'another' brand of PLC might require the purchase of the PLC so that it too can be reverse engineered.
The infection by Stuxnet of Windows PCs is only part of the infection. That was the easy part.
Anonymous should be careful to stay within the arguable context of civil law. Under a genuinely liberal regime that would pretty much anything without malice of forethought to do real harm to people... But I'd worry a more conservative interpretation could pertain.
-- anonymous (obviously. not that it'll matter, but for appearances' sake;)
Frankly, "Anonymous - we're really the champions of freedom and stuff, and everyone else is a corporate death-bringer and suppressor of the proletariat, or worse are a bunch of know-nothing idiots who'll DDoS Visa for us" seem to me to be a bunch of late night pr0n rippers and a bit up themselves.
Can't wait for them to fade away, the bunch of w*nkers...
Oh no... (quivering in my damp boxers) maybe they'll trace me now and I'll be digitally destroyed for daring to question their ethics, morals and methods.