Hacking Stories: How Stuxnet Malware Caused a 1 Million USD Loss

Rhythm Jain | May 6, 2021

The story behind one of the deadliest pieces of malware, capable of blasting a country!

Has it ever crossed your mind that malware can be capable of blowing up a whole country?

Seems impossible and foolish, right? Don’t worry, by the end of this blog, your mind will be blown.

A computer worm named Stuxnet, first discovered in 2010, was made to target Iran’s nuclear power plant. It is believed that the malware was a cyber weapon built jointly by two countries that didn’t want to lag behind Iran’s rapid nuclear growth. However, to this day, neither of the two countries has admitted it.

It wasn’t the first time that a country had created a cyber weapon, but in this case, it led to something really dangerous!

How the malware spread

Stuxnet was designed to target Supervisory Control And Data Acquisition (SCADA) systems, with the aim of damaging Iranian nuclear power plants. The malware took advantage of four zero-day vulnerabilities present in Microsoft operating systems and subsequently attacked a specific piece of software.

It was discovered that the malware did not target the power plant directly, but rather five partner companies, which were believed to be connected to Iran’s power plant. The malware spread through USB Flash sticks and even infected the systems which were not connected to the internet.


What did the malware do

Stuxnet reportedly compromised Iran’s Programmable Logic Controllers (PLCs), which were used to give commands to the machinery of the power plants. The malware targeted the gas centrifuges, which were responsible for controlling the chain reactions of uranium and for cooling down the cylinders where the reactions were taking place.

The normal rotational frequency of these centrifuges was 807Hz to 1210Hz. After the infection, however, the frequency fluctuated between 1410Hz and 2Hz and then to 1604Hz, which damaged the centrifuges very badly. It could even have resulted in a blast if proper steps hadn’t been taken immediately. The scariest part is that the machinery was spoofed so well that no warnings or danger alarms showed up. This made the situation worse and the abnormality harder to identify.
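Because no alarms showed up, a reading taken outside the PLC reporting path is what exposes this kind of masking. The following is an added example, not code from the original article: it checks constructed readings against the 807Hz to 1210Hz band quoted above and flags samples where the reported value looks normal while an independent measurement does not. The independent sensor, the 25Hz tolerance and every sample value are assumptions.

```python
from dataclasses import dataclass

# Normal operating band quoted in the article (Hz).
NORMAL_MIN_HZ = 807.0
NORMAL_MAX_HZ = 1210.0
# Assumed tolerance between the two channels; tune per installation.
MAX_DISAGREEMENT_HZ = 25.0


@dataclass(frozen=True)
class Sample:
    t: int              # seconds since start (constructed)
    reported_hz: float  # value shown to operators via the PLC/HMI path
    measured_hz: float  # value from an assumed independent sensor


def in_band(hz: float) -> bool:
    return NORMAL_MIN_HZ <= hz <= NORMAL_MAX_HZ


def check(sample: Sample) -> list[str]:
    """Return the alerts raised by one sample, in a fixed order."""
    alerts = []
    if not in_band(sample.measured_hz):
        alerts.append("OUT_OF_BAND")
    if abs(sample.reported_hz - sample.measured_hz) > MAX_DISAGREEMENT_HZ:
        alerts.append("REPORT_MISMATCH")
    # The case the article describes: operators see normal, reality is not.
    if in_band(sample.reported_hz) and not in_band(sample.measured_hz):
        alerts.append("MASKED_EXCURSION")
    return alerts


def scan(samples: list[Sample]) -> dict[int, list[str]]:
    """Map timestamp -> alerts, keeping only samples that raised any."""
    return {s.t: a for s in samples if (a := check(s))}


# Constructed readings: the reported channel stays at a plausible value
# while the measured channel walks through the article's 1410/2/1604 Hz.
SAMPLES = [
    Sample(0, 1000.0, 998.0),
    Sample(60, 1000.0, 1410.0),
    Sample(120, 1000.0, 2.0),
    Sample(180, 1000.0, 1604.0),
    Sample(240, 1300.0, 1295.0),  # honestly reported excursion, not masked
]

if __name__ == "__main__":
    for t, alerts in scan(SAMPLES).items():
        print(f"t={t}s: {', '.join(alerts)}")
```

A plain range check on the reported channel alone would raise nothing for the three masked samples, which is the failure the paragraph describes.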

I know what you are thinking. Crazy, right? I bet it gave you chills!

Total damage and 1 million USD Loss to Iran

It is reported that more than 30,000 IPs were affected, and Stuxnet became the fastest-spreading malware in Iran. Iran faced a big loss, estimated at about 1 million USD. Removing the malware was also a tough and challenging job: it is believed that the antivirus run against the malware did not remove it, but rather made it more complex and more resistant.

Written by Rhythm Jain, Ethical Hacker
