Stuxnet raw data [Cypherpunked]

seeders: 1
leechers: 0
Added on August 1, 2015 by Cypherpunked in Other > Unsorted
Torrent verified.



Stuxnet raw data [Cypherpunked] (Size: 11.08 MB)
 .ds_store (6 KB)
 HBG-Stuxnet-Raw.pdf (4.75 KB)
 lsass2_memorymod-pe-0x00090000-0x0010a000.livebin.exe (488 KB)
 memorymod-0x006b0000-0x006b1000.450210202.mapped.livebin (4 KB)
 maindll_dropper_memorymod-pe-0x10000000-0x10138000.livebin.exe (1.22 MB)
 S_D102BDAD06B27616BABE442E14461059 (5.09 KB)
 memorymod-pe-0x00090000-0x0010a000.1990061290.mapped.livebin (488 KB)
 desktop.ini (46 bytes)
 kernel32.dll.aslr.00013b86.1616636409.mapped.livebin (1.22 MB)
 lsass.exe.1373553098.mapped.livebin (24 KB)
 mrxcls.sys.livebin.exe (20 KB)
 unknown_hook_in_services_memorymod-0x006b0000-0x006b1000.livebin.exe (4 KB)
 hw_e.gif (19.1 KB)
 25209116_STEP7Example.zip (515.7 KB)
 SIMATIC_STEP7_Basic_software.jpg (76.87 KB)
 STL-cheat-sheet-by-category.pdf (138.86 KB)
 STL-cheat-sheet-by-alphabet (1).pdf (129.97 KB)
 S_ST70_XX_00030V.tif (552.36 KB)
 bin222.bin (100 KB)
 bin240.bin (4.07 KB)
 bin242.bin (16.99 KB)
 bin250.bin (40 KB)
 bin221.bin (142.5 KB)
 bin241.bin (25.12 KB)
 bin210.bin (9.5 KB)
 bin202.bin (14.5 KB)
 bin201.bin (25.99 KB)
 bin203.bin (5.11 KB)
 ddna_panel.png (236.88 KB)
 Notes.txt (16.33 KB)
 s7otbxsx_wrapper.dll (291.02 KB)
 stuxnet.docx (27.03 KB)


Description

Stuxnet is a computer worm that was discovered in June 2010. It was designed to attack industrial programmable logic controllers (PLCs).

Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart. Stuxnet’s design and architecture are not domain-specific and it could be tailored as a platform for attacking modern SCADA and PLC systems (e.g., in automobile or power plants), the majority of which reside in Europe, Japan and the US. Stuxnet reportedly ruined almost one-fifth of Iran's nuclear centrifuges.

Stuxnet has three modules: a worm that executes all routines related to the main payload of the attack; a link file that automatically executes the propagated copies of the worm; and a rootkit component responsible for hiding all malicious files and processes, preventing detection of the presence of Stuxnet.

Stuxnet is typically introduced to the target environment via an infected USB flash drive. The worm then propagates across the network, scanning for Siemens Step7 software on computers controlling a PLC. In the absence of both criteria, Stuxnet becomes dormant inside the computer. If both conditions are fulfilled, Stuxnet introduces the infected rootkit onto the PLC and Step7 software, modifying the code and giving unexpected commands to the PLC while returning a loop of normal operating values as feedback to the users.

This is a copy of the raw Stuxnet data, for educational and informative purposes only. If you use this to cause damage to yourself or anyone else, you are either an idiot or an ass.

*Note: You are downloading information related to or containing malware. AV scans have given conflicting results.

A note from Cryptome:
Twelve Norton AV quick scans during the period failed to spot the intruder; a full scan on 28 February 2011 found it inside a HBGary Zipped file which was inside a Cryptome Zipped file. No other of the 33 HBGary files posted to Cryptome have been reported by Norton AV as a risk -- so far. Some intruders are designed to remain out of sight until a particular time or circumstance, or never revealed, quietly doing their job like Stuxnet and its kin in malware, copyright policing, cyberspying and cyberwar, all HBGary and its kin specialization in trickery.

While the warning may be due to the illicit characteristics of Stuxnet, there has been speculation that HBGary salted its files with hidden bait and markers for tracking thieves and invaders. The "Stuxnet" in this file may be bait for a trap or a phony virus-warning generator to scare off transgressors. HBGary researched, designed and deployed bait to test security risks as well as covertly installed security breachers using common deception techniques such as giving files popular names. HBGary emails describe measures taken when examining illicit programs on isolated machines with tools designed to avoid contamination, knowing that invaders themselves often set bait for outsmarting and entrapping researchers.

Unanswered still is what countermeasures the targets of Stuxnet have designed to use the program for counterattack such as unleashing a modified Stuxnet version with hidden features. This appears to be one of the purposes for HBGary to research the program for McAfee and others. HBGary laying low at the moment may be attributed to its harvesting results of the all-too-easy email hack, or if it did not facilitate the hack by lowering the security bar for Anonymous social engineering, to take advantage of the credulity and unwariness of its email consumers to well-known security deceptions, such as social engineering and facilitated hacks for covert release of bait, tracers and markers.

Bear in mind that there has been speculation that files submitted to Wikileaks, TOR and others have been used for this purpose. Heeding security wizards such as HBGary, Cryptome regularly warns of its being used for this common ruse. The best security wizards never tell the whole truth, stating there is no such thing, there is only trickery -- that is no doubt adept social engineering of marketing. Good buddy of HBGary, Palantir, is reported today intending to replace Google as the premier Internet spying trickster.


Anonymous notes:
Just got around to having a look and my anti-virus, Avast, flagged the binaries in the Stuxnet directory of the zip file. I'm not privy to Avast's naming but I took a cursory look at it and the alarms identified it as Stuxnet, parts or variants C and B, specifically a dropper, rootkit stuff and infected binaries that replace or circumvent parts of the kernel and Windows firewall, which are generically named as common malware, I think.
