Stuxnet Includes Expiration Date to Halt Spread of Malware - Security - News & Reviews - eWeek.com | eWeek
Cybersecurity
SHARE
Facebook X Pinterest WhatsApp

Stuxnet Includes Expiration Date to Halt Spread of Malware

Written By
eweekdev
eweekdev
Jun 25, 2012
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

By: Robert Lemos

Stuxnet is many things: A cyber-weapon, a nation-state attack on Iran’s nuclear processing capability, and a computer virus. On Sunday, however, the program ceased its run as a slowly spreading virus.

On Monday, researchers at Kaspersky Labs identified an expiration date-June 24, 2012-within the Stuxnet’s code that halted the program from propagating via USB memory sticks. While Stuxnet is not dead, the program has outlived its useful life, says Roel Schouwenberg, senior researcher with Kaspersky.

“The authors decided that this was the end date of the mission,” says Schouwenberg.

Stuxnet is the youngest of the three programs identified by security researchers as potential nation-state attempts to create digital weapons to use against rivals. The recently discovered Flame malware appears to be the oldest program, first released perhaps five years ago. While researchers are still analyzing the program’s modules, the attack’s main goal is stealing information and espionage. Similarly, Duqu, a program released after Flame, also aims to steal information.

Unlike Flame and Duqu, Stuxnet was created to spread on its own so it could infiltrate sensitive networks not usually connected to the Internet.

“Remember here, unlike with Duqu and Flame, Stuxnet was autonomous,” Schouwenberg says. “The authors, with Stuxnet, were more aggressive.”

While many security experts theorized that Stuxnet was the work of the United States and Israel, the evidence supporting the assertion was almost entirely circumstantial. In a recent book, however, David Sanger of The New York Times reported that sources at the White House had confirmed that Stuxnet was the work of the two countries.

The authors of Stuxnet released the attack in three waves. On June 23, 2009, the program was seeded in certain systems, with two more waves on June 28 and July 7, 2009, according to a Kaspersky Labs analysis. Stuxnet infected Windows systems and, on computers running specific control software from Siemens, infected the control programs for certain industrial equipment, most notably the centrifuges used to refine uranium.
eweekdev
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information