Stuxnet is the most high-profile piece of malware crashing Windows 95 and 98

At the RSA Conference 2015  held in San Francisco, it was announced that Stuxnet could have blown its cover and failed its sabotage mission due to a bug that allowed it to spread to ancient Windows boxes, malware analysts reckon.

The malware ruined Iran’s Natanz uranium enrichment facility by subtly wrecking computer-controlled fuel centrifuges.

Stuxnet had to remain undetected to the Iranians or else it would have ruined the operation. Regrettably, a programming fault would have allowed it to spread to PCs running older and unsupported versions of Windows, and probably causing them to crash as a result. Those blue screens of death would have raised suspicions at the Natanz nuclear lab.

“Stuxnet could have been over before it started by crashing Windows 95 and Windows 98 systems,” Leder told the RSA security conference in San Francisco on Thursday.

“Unfortunately, someone had a bad day when they programmed Stuxnet, and swapped the characters and the result was that it was checking ‘or’ … which resulted in it installed on any version of Windows, even Windows 95 and 98 which were not supported.

At last, Stuxnet was able to successfully devastate the centrifuges before it was discovered in 2010. Stuxnet is just the most high-profile piece of malware in which the pair has found bugs. The duo said a programming error in the Conficker worm slashed its potential victim base.

Conficker, which attacked Windows machines across networks and the internet, should have infected nearly everybody. Instead, it could only scan a quarter of the entire IPv4 addresses due to a bug in the way it generated addresses at random.

Werner said at the RSA conference:

“If you sequentially attack victims, that are easily detected, so these guys did it a bit smarter, and chose addresses by random.”

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Become an Expert in Ethical Hacking

This article is mainly addressing the audience who wants to pursue their career in Cybersecurity as a professional that provides ethical hacking services, whether...

5 Cybersecurity Tips to Keep in Mind When Working From Home

  Due to the ongoing global health crisis, more and more people are being forced to work from their homes. In fact, Forbes estimates that about...

The Complete OSINT Tutorial to Find Personal Information About Anyone

This article mainly focuses on how to discover a person's digital footprint and gather personal data by using open-source intelligence (OSINT). So, in its...

How to find the password of hacked email addresses using OSINT

Open-source intelligence or OSINT is a potent technique, and it can give a lot of valuable information, if implemented correctly with the right strategy...