Anonymous Operations Comments on Stuxnet Rumors

I recently interviewed members of Anonymous Operations on their IRC channel for journalists. There were some interesting parts, particularly about them getting Stuxnet from emails they stole from HB Gary.

I’ve pasted the conversation about Stuxnet below, but for those without time to read it: Yes, they have Stuxnet, but only the binaries—not the source code as was rumored. They don’t seem to have any plans to use it since the vulnerabilities are now patched and it was meant to destroy only a specific type of system (nuclear centrifuges).

I’ll have an article online tomorrow with more from the interview, but for now, here’s the excerpt on Stuxnet:

Me: also, is it true you guys got your hands on Stuxnet from

their emails?

Anon: just the binaries

Anon: but someone decomplied it

Me: any plans to use it?

Anon: Not sure how we could use a virus designed to destroy SCADA systems

Me: good point

Anon: crowdleaks.org decomplied it

Anon: decompiled*

Anon: see http://crowdleaks.org/hbgary-wanted-to-suppress-stuxnet-research/

Anon: https://github.com/Laurelai/decompile-dump

Me: very interesting

Me: what were the parts of the emails that make you think HBGary was planning to use Stuxnet for its own purposes?

Anon: I didn’t say that 😛

Anon: I don’t think they did

Me: oh, wait – it was a claim by Crowdleaks

Anon: I think in this case, HBGary was pretty much acting like any other

security company

Anon: but the media just magnified the scenario

Anon: to say that Anonymous has control over Stuxnet

Anon: which is just blown out of proportion

Me: interesting

Me: what are some of the misconceptions?

Anon: ah stuxnet. indeed. narf.

Anon: that Anonymous has the source code of stuxnet

Anon: foxnews for instance grabbed that up: “OMG Anonymous has Stuxnet”

Anon: 1) binaries were out before, it wasn’t special

Anon: 2) vulnerabilities have been patched by now

Anon: 3) it’s basically… uninteresting.

Anon: but ofc for some media outlets that was apparently a big thing, simply because “stuxnet” was big in the news before.

Anon: the only difference now is that anyone can get a copy of the virus 😛