Data Shows Iran No Longer A Stuxnet Hotspot

Kaspersky Lab released its malware statistics report for September. Buried among the data on the top malware detected on users’ machines and being pushed from malicious Web sites is an interesting factoid: Iran no longer ranks as a Stuxnet hotspot, while India continues to struggle with the effects of the sophisticated virus.

Kaspersky Lab released its malware statistics report for September. Buried among the data on the top malware detected on users’ machines and being pushed from malicious Web sites is an interesting factoid: Iran no longer ranks as a Stuxnet hotspot, while India continues to struggle with the effects of the sophisticated virus.
The data, compiled from systems running Kaspersky’s security software, isn’t authoritative and represents just a slice of infected systems in the countries in question. However, it suggests that Stuxnet – a sophisticated virus that is believed to have been a targeted attack against Iran’s uranium enrichment facilities – is no longer prevalent in that country. India, which has registered the most Stuxnet infections, continues to struggle to eradicate the virus, Kaspersky’s data suggests.

We’ve been hearing for a while that Iran was taking aggressive steps to contain the Stuxnet virus. India has been the epicenter of Stuxnet infections since it was first detected, with Iran the country with the third most infections. The number of reported infections in Iran has steadily decreased during that time. Kaspersky Lab researcher Aleks Gostev wrote on September 26 that Iran was doing a good job cleaning systems infected by the virus. He predicted, then, that the country would soon cease to be one of the centers of the epidemic. Data from Kaspersky’s September report appears to confirm that prediction.

Speaking at the Virus Bulletin Conference in Vancouver last week, researcher Liam O’Murchu from Symantec mostly agreed with reports that Stuxnet was targeted at Iran’s nuclear enrichment facilities and that it was the creation of Israeli intelligence. But researchers, including those from Kaspersky Lab, have also been quick to point out that the exact objectives of those who designed and released the virus are still unknown and mostly a matter of conjecture.

And, for each of the Stuxnet theories, there’s convincing evidence both pro and con, as a recent article on news.com points out. In the end, Iran could have been the target – or just collateral damage. And, as Kaspersky’s data from September suggest, the brunt of Stuxnet infections is being felt in India and Indonesia, as well as other developing countries such as Russia and Afghanistan, rather than Iran. 

As Threatpost’s Dennis Fisher makes clear in his recent editorial, debate about Stuxnet’s intended target is largely academic. The virus Stuxnet was a kind of Pandora’s Box: unleashing a storm of new era of sophisticated SCADA-aware malware into the public domain and broadening the scope and ambitions of malware writers beyond Windows servers and desktops to include critical infrastructure of all kinds. That, more than any geopolitical consideration, is likely to be the legacy of Stuxnet.

Suggested articles

Discussion

  • Anonymous on

    Whoever was behind this aggression should know that these things will come back to cause yourself more damage in the long run than their intended terror! It's like the war in Iraq. It didn't solve anything, exept getting one thug, Saddam. But the US has created millions of ennemies for itself for the next few centuries to come....

    It's gonna take a long time for dumb idiots to realize that violence does not prevent violence!

  • Anonymous on

    Raw statistics on the prevalence of a virus are biased by the prevalence of a particular anti-virus program in that country. So if company A sells lots of checkers in country X then A will report lots of outbreaks in county X. Did you correct for the distribution of virus checkers in the above report ?

  • Anonymous on

    Gotta love those reports from Egyptian airbase commanders...

  • Anonymous on

    Blame Bush...

  • Anonymous on

    Iraq has NOTHING to do with 9/11! And Saddam Hussein used to be good friends with the U.S,even when he committed grave human rights abuses.

  • Anonymous on

    As Hitler killed his own solders and blamed Poland for this and then occupied Poland, the Fascist Bush killed his own people in 9/11 to attack the Middle East.

  • SS on

    Curse those creators of Stuxnet!!

    May they rot in hell,only a apparent question though can KIS 2011,NIS 2011 or Nod32 can prevent this crap from infecting???

  • Anonymous on

    This is a tech blog, not a leftist news editorial.  Please keep it on the topic.  I don't come here to read the rants of 9/11 truther nutcases!

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.