web analytics
Perşembe, Temmuz 2, 2026
No Result
View All Result
  • Giriş
Türk İnternet
  • Ana Sayfa
  • BİLİŞİM
  • e-TİCARET
  • INTERNET
  • TELEKOM
  • YENİ TEKNOLOJİLER
  • Hakkımızda
  • Kişisel Verilerin Korunması
    • Çerez Aydınlatma Metni
    • İlgili Kişi Başvuru Formu
No Result
View All Result
  • Ana Sayfa
  • BİLİŞİM
  • e-TİCARET
  • INTERNET
  • TELEKOM
  • YENİ TEKNOLOJİLER
  • Hakkımızda
  • Kişisel Verilerin Korunması
    • Çerez Aydınlatma Metni
    • İlgili Kişi Başvuru Formu
No Result
View All Result
Türk İnternet
No Result
View All Result

Kaspersky Lab Research proves that Stuxnet and Flame developers are connected

Discovery of the Flame malware in May 2012 revealed the most complex cyber-weapon to date. At the time of its discovery, there was no strong evidence of Flame being developed by the same team that delivered Stuxnet and Duqu. The development approach of Flame and Duqu/Stuxnet was different as well, which lead to the conclusion that these projects were created by separate teams. However, the following in-depth research, conducted by Kaspersky Lab experts, reveals these teams in fact cooperated at least once during the early stages of development.

turk-internet.com Staff-turk-internet.com Staff
13 Haziran 2012
-Genel
0
Facebook'ta PaylaşTwitter'da PaylaşLinkedin'de Paylaş

Discovery of the Flame malware in May 2012 revealed the most complex cyber-weapon to date. At the time of its discovery, there was no strong evidence of Flame being developed by the same team that delivered Stuxnet and Duqu. The development approach of Flame and Duqu/Stuxnet was different as well, which lead to the conclusion that these projects were created by separate teams. However, the following in-depth research, conducted by Kaspersky Lab experts, reveals these teams in fact cooperated at least once during the early stages of development.

Kaspersky Lab discovered that a module from the early 2009-version of Stuxnet, known as “Resource 207,” was actually a Flame plugin. This means that when the Stuxnet worm was created in the beginning of 2009, the Flame platform already existed, and that in 2009, the source code of at least one module of Flame was used in Stuxnet.

This module was used to spread the infection via USB drives. The code of the USB drive infection mechanism is identical in Flame and Stuxnet. The Flame module in Stuxnet also exploited a vulnerability which was unknown at the time and which enabled escalation of privileges, presumably MS09-025.

Subsequently, the Flame plugin module was removed from Stuxnet in 2010 and replaced by several different modules that utilised new vulnerabilities.

Starting from 2010, the two development teams worked independently, with the only suspected cooperation taking place in terms of exchanging the know-how about the new “zero-day” vulnerabilities.

Background

Stuxnet was the first cyber-weapon targeting industrial facilities. The fact that Stuxnet also infected regular PCs worldwide led to its discovery in June 2010, although the earliest known version of the malicious program was created one year before that. The next example of a cyber-weapon, now known as Duqu, was found in September 2011. Unlike Stuxnet, the main task of the Duqu Trojan was to serve as a backdoor to the infected system and steal private information (cyber-espionage).

During the analysis of Duqu, strong similarities were discovered with Stuxnet, which revealed that the two cyber-weapons were created using the same attack platform known as the “Tilded Platform”. The name originated from the preferences of the malware developers for filenames of the form “~d*.*” – hence, “Tilde-d”. The Flame malware, discovered in May 2012 following the investigation prompted by International Telecommunication Union (ITU) and conducted by Kaspersky Lab, was, at first sight, entirely different. Some features, such as the size of the malicious program, the use of LUA programming language and its diverse functionality all indicated that Flame was not connected to Duqu or Stuxnet’s creators. However, the new facts that have emerged completely rewrite the history of Stuxnet and prove without a doubt, that the “Tilded” platform is indeed connected to the Flame platform.

New findings

The earliest known version of Stuxnet, supposedly created in June 2009, contains a special module known as “Resource 207”. In the subsequent 2010 version of Stuxnet this module was completely removed. The “Resource 207” module is an encrypted DLL file and it contains an executable file that’s the size of 351,768 bytes with the name “atmpsvcn.ocx”. This particular file, as it is now revealed by Kaspersky Lab’s investigation, has a lot in common with the code used in Flame. The list of striking resemblances includes the names of mutually exclusive objects, the algorithm used to decrypt strings, and the similar approaches to file naming.

Furthermore, most sections of code appear to be identical or similar in the respective Stuxnet and Flame modules, which leads to the conclusion that the exchange between Flame and the Duqu/Stuxnet teams was done in a form of source code (i.e. not in binary form). The primary functionality of the Stuxnet “Resource 207” module was distributing the infection from one machine to another, using the removable USB drives and exploiting the vulnerability in Windows kernel to obtain escalation of privileges within the system. The code which is responsible for distribution of malware using USB drives is completely identical to the one used in Flame.

Alexander Gostev, Chief Security Expert at Kaspersky Lab, comments: “Despite the newly discovered facts, we are confident that Flame and Tilded are completely different platforms, used to develop multiple cyber-weapons. They each have different architectures with their own unique tricks that were used to infect systems and execute primary tasks. The projects were indeed separate and independent from each other. However, the new findings that reveal how the teams shared source code of at least one module in the early stages of development prove that the groups cooperated at least once. What we have found is very strong evidence that Stuxnet/Duqu and Flame cyber-weapons are connected”.

Etiketler: HaberManşet

Türk İnternet'ten buna benzer yazılar için bildirim almak ister misiniz?

ABONELİKTEN ÇIK
turk-internet.com Staff

turk-internet.com Staff

Lütfen yorum yapmak için giriş yapın.

GÜNLÜK BÜLTEN ABONELİĞİ

Aboneliğinizi onaylamak için gelen veya istenmeyen posta kutunuzu kontrol edin.

HAFTANIN ÖNE ÇIKANLARI

  • St. Petersburg Forumu, Rusya’nın Yeni Teknoloji Stratejisinin Sinyallerini Veriyor: Nadir Toprak Elementleri, Yapay Zeka, Yarı İletkenler ve Teknolojik Egemenlik
  • Türkiye Yapay Zeka Stratejisinde Yeni Dönem: Dijital Egemenlik Merkeze Yerleşti, Peki Bu Yeterli mi?
  • Teknoloji Girişimlerini İlgilendiren Yeni Düzenlemeler Yürürlükte
  • Washington Yapay Zekada Yavaşlatma Yerine Hızlanmayı Seçti: Yeni ABD Yapay Zeka Doktrini ve Riskleri
  • Dijital Dönüşüm ve Gazeteciliğin Küresel Krizi

HAFTANIN KELİMESİ

3GPP

3. Nesil Ortaklık Projesi (3GPP), dünya çapında çeşitli mobil (hücresel) ve telekomünikasyon standartlarını geliştiren ve sürdüren bir grup standart kuruluşudur.

3G ile birlikte kurulmuş ve telekom endüstrisinin Birleşmiş Milletleri diye tanımlanabilir. Sonraki nesiller için de standartları belirlemiştir.

Detayı için Wiki-Turk'e bakınız

İNTERNET HIZI

Türkiye'nin İnternet Hızlarını Dünya ile KarşılaştırmakKaynak : https://www.speedtest.net/global-index#mobile
Facebook Twitter LinkedIn

Bildirimler

Turk-internet.com masaüstü bildirimlerini almak için lütfen buraya tıklayın

Son Yorumlar

  • ICANN, Yeterince Temsil Edilmeyen Toplulukları Yeni gTLD Başvuru Destek Programı İle Güçlendiriyor için Tolga Kaprol
  • BTK, Yabancı e-SIM Firmalarını Engelledi için Bulent SEN
  • Sahibinden.com Domain’inin Güncellenmesi Unutulmuş için Tolga Kaprol
  • İngiliz Düzenleyici Ofcom, Bulut Servislerini ve Akıllı Cihaz Pazarını Soruşturuyor için Tolga Kaprol
  • Seçim Yaklaşırken, Kişisel Veriler Kötüye Nasıl Kullanılır? için [email protected]

Türk İnternet'ten ilginize çekecek yazılar için bildirim almak ister misiniz?

Abone Ol

© Copyrights 2000-2025 - Bu sitede yayınlanan haber/söyleşi/makale ve bilgilerin tüm hakkı turk-internet.com'a aittir.

Tekrar Hoşgeldiniz!

Aşağıdan hesabınıza giriş yapınız

Şifremi unuttum?

Şifrenizi geri alın

Lütfen şifrenizi resetlemek için kullanıcı adı veya email adresinizi girin.

Giriş yap
No Result
View All Result
  • Ana Sayfa
  • BİLİŞİM
  • e-TİCARET
  • INTERNET
  • TELEKOM
  • YENİ TEKNOLOJİLER
  • Hakkımızda
  • Kişisel Verilerin Korunması
    • Çerez Aydınlatma Metni
    • İlgili Kişi Başvuru Formu

© Copyrights 2000-2025 - Bu sitede yayınlanan haber/söyleşi/makale ve bilgilerin tüm hakkı turk-internet.com'a aittir.