Stuxnet Worm can come back right away after its removal

Stuxnet worm is one of the most dangerous worms ever. It is able to infiltrate itself in a computer even after it has been already cleaned from the machine. Worm usually targets computers that are used in nuclear plants and other industrial facilities.

Stuxnet has proven it is a piece of headache for the security researchers and analysts because it could affect four flaws that were undiscovered and unpatched. These four were the green light for the worm to spread via USB keys, Windows file shares and etc. Moreover, the worm is very good at infecting industrial-control programs that is created by Siemens.

Symantec researchers have discovered that Stuxnet worm infects Siemens software files that administrators use in their need to fix programs and etc. The so called Step7 file is compromised after the first infection and if the worm targets PC again, it will definitely infect that computer and its files once again.

Symantec's Nicolas Falliere commented: „Stuxnet's ability to infect project files and run when they are opened is yet another propagation vector to add to the list. While we advise operators and programmers to be wary of project files from untrusted sources — internet forums, for instance — the most likely source of infection is likely to be a trusted party whose systems have been compromised by the threat.“  

What is more, if Step7 file is held at the central server after the attack worm can compromise machines that are downstream from that central computer. N. Falliere pointed out that coming back from the dead is one of Stuxnet worm’s capabilities and features. “Infected projects restored from backups may reintroduce the infection to previously cleaned machines so administrators should exercise caution when restoring files in this manner,“ – he said.

More Malware news

Danger! Facebook private messages and Instant Messengers are infected by worm

According to TrendLabs, infected messages are spreading on Facebook which contain a malicious link pointing to an archive file “May09-Picture18.JPG_www.facebook.com.zip”. Zipped archive itself has a file titled “May09-Picture18.JPG_www.facebook.com” and uses the extension “.com”. Malware within is able to terminate services and processes related to AV which quickly shuts down AV from detection or removal of the worm. This detected malware is named WORM_STECKCT.EVL. Read more.

• Wikipedia warns: Ads on Wikipedia page informs about malware within your PC
• Beware of fake Instragram app
• New tricky anti-virus intimidates file-sharers
• Android may have bootkit threats
• Attention! Google malware is circulating online
• Rogue YouTube site targets Syrian activists and brings malware
• ZBot Trojan makes its notice again!
• Mac security news: Flashback Trojan is back
• Be careful! Malware group spreads quickly
• Attention! Keylogger comes via rogue Facebook message

News categories

• Malware
• Spam and email
• Phishing
• Vulnerabilities
• Computer Security
• Security basics
• Rogue Antispyware

Latest news

• System Protection Tools removal guide
• Windows Multi Control System uninstall guide
• How to remove Antispyware Pro 2012 fraud?
• Windows Advanced Security Center removal steps
• Windows Private Shield removal steps
• How to remove Windows Pro Safety fraud?
• Windows Pro Safety Release removal guide
• Spam: "Tumblr Dating Game"
• Danger! Facebook private messages and Instant Messengers are infected by worm
• Delete Windows Safeguard Upgrade malware

Related news

• 123greetings.com is a new ZeuS Crimeware Campaigners Target
• 25% of worms use USB drives to spread
• Dell Shares Information about Malware Infecting their Server’s Motherboards

Antispyware Software

• Spyware Doctor
  • Rating
    
    Download Read review
    Spyware Doctor is one of the most reputable security programs and it’s one of the most often recommended anti-spyware tools. It's known for quick and effective scanning methods.
    
    
• VIPRE Antivirus + Antispyware
  • Rating
    
    Download Read review
    VIPRE combines antivirus, antispyware, anti-rootkit and other technologies into a seamless, tightly-integrated product.
    
    
• Trend Micro AntiVirus plus AntiSpyware
  • Rating
    
    Download Read review
    Trend Micro AntiVirus + AntiSpyware is the essential security you need so you can email and share files with confidence.
    
    
• Malwarebytes Anti-Malware
  • Rating
    
    Download Read review
    Malwarebytes Anti-Malware can detect and remove malware that other anti-virus and spyware programs generally miss, including rogue security software, although it is not effective against rootkits or viruses.
    
    
• Kaspersky Anti-Virus 2011
  • Rating
    
    Download Read review
    Kaspersky Anti-Virus 2011 is one of the optimal choices for protecting a computer from viruses and other threats. It offers multiple functions for cleaning a system and keeping it safe. Although it costs more than average anti-virus kit, Kaspersky Anti-Virus is often rated better than similar tools by users even when free virus removers are also in the assortment.
    
    
• Webroot Antivirus with Spy Sweeper
  • Rating
    
    Download Read review
    Powerful antivirus and antispyware software combined to provide the best protection against viruses, spyware and more.
    
    

Subscribe

Latest threats

• System Protection Tools
• Windows Multi Control System
• Antispyware Pro 2012
• Windows Advanced Security Center
• Windows Private Shield
• Windows Pro Safety
• Windows Pro Safety Release
• Windows Safeguard Upgrade
• Windows Secure Surfer
• Windows Be-on-Guard Edition
• Windows Abnormality Checker
• Windows Pro Solutions
• Windows Sleek Performance
• Windows ProSecurity Scanner
• Best Antivirus Software
• Total Anti Malware Protection
• Windows Advanced User Patch
• Virus Doctor
• Windows Internet Booster
• Windows Pro Web Helper