Anonymous Claims to Have Stuxnet Code

Saturday, February 19, 2011

Dan Dieterle


The hacker group Anonymous, known for its involvement in the WikilLaks DDoS attacks, now claims to have access to Stuxnet.

Stuxnet was used to attack Iranian nuclear plants and has been called the first true cyber weapon.

Apparently the hi-tech virus or information about it was obtained by the group after they hacked security company HBGary Federal. The security company had been tracking down leaders of Anonymous and was preparing to release the names at an upcoming security conference. 

It looks like they social engineered their way into, a site run by Greg Hoglund, co-founder of HBGary. Next they got access to a tech support server used by HBGary.

Compromised an insecure Web Server, then obtained credentials to the E-Mail system. They used these credentials to siphon about 50,000 company e-mails and then posted them to a public Torrent site.

Apparently the data stolen by Anonymous contained part of the Stuxnet code.

So what will they do with Stuxnet? No one knows for sure, but some think that they may try to use it against Iran. Anonymous has released a video on YouTube stating their support for the Iranian Opposition.

Their target in Iran would be unsure as security researchers report the crucial code needed to attack the Iranian nuclear plants was not obtained by the Anonymous hack.

The Stuxnet code appears to be so fine tuned to take out the Iranian plant, it is hard to tell if it could be modified for any other purpose.

Time will tell what comes next, but it would appear that Anonymous has taken a much more aggressive path.

Cross-posted from Cyber Arms

Possibly Related Articles:
Viruses & Malware
malware Rootkits Stuxnet Anonymous hackers HBGary Federal
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.