Skip to main content

BitDefender outs free tool to kill Stuxnet worm

Insecurity outfit BitDefender has released a free removal tool targeting the infamous Stuxnet worm which has blighted industrial systems from Iran to Indonesia.

BitDefender reckons the tool is capable of removing all known variants of Win32.Worm.Stuxnet, as well as the rootkit drivers that are used to conceal critical components of the worm.

The Stuxnet worm is designed to spy on and/or sabotage supervisory control and data acquisition (SCADA) systems that operate and monitor critical installations in power plants, oil and gas refineries, factories and other industrial facilities.

It is thought the worm was deliberately targeted at Iran's nuclear installation. Certain rival nuclear powers think Iran shouldn't have the bomb. Believe it or not some people also think the US and A shouldn't have the bomb. Israel pretends it doesn't have any bombs, honest guv.

BitDefender said the worm spreads by taking advantage of a multitude of 0-day exploits in the current versions of Windows. It can execute itself from an infected removable medium as soon as the .lnk file on the drive has been read by the operating system. Successful exploitation of this vulnerability results in the injection of a backdoor, as well as the installation of two rootkits that will conceal both the .lnk files and the accompanying .tmp files.

The tool can be run on both 32- and 64-bit installations and it will eliminate both the rootkit drivers and the worm.

The Win32.Worm.Stuxnet Removal Tool can be downloaded here.