Technology Review – (International) Stuxnet tricks copied by computer criminals. Experts indicate the techniques used in sophisticated, statebacked malware are trickling down to less-skilled programmers who target regular Web users and their online accounts or credit card details. State-sponsored malware became widely known in 2010 with the discovery of Stuxnet, a program targeted at Iranian industrial control systems. Since then, several other very sophisticated malware packages have been discovered that are also believed to have been made by governments or government contractors. These packages include Duqu, exposed late in 2011, and Flame, found in May 2012. One reason such malware is so effective is it tends to exploit previously unknown software vulnerabilities, known as zero-days, in widely used programs such as Microsoft Windows to gain control of a computer. A Kaspersky researcher said those exploits can be quickly ―copy-pasted‖ by other programmers, as happened after the discovery of Stuxnet. More concerning is the way higher-level design features are being picked up, he said.
Ali Loney, on September 19, 2012