‘Irongate’ attack looks like Stuxnet, quacks like Stuxnet … by Darren Pauli.
From the post:
FireEye threat researchers have found a complex malware instance that borrows tricks from Stuxnet and is specifically designed to work on Siemens industrial control systems.
Josh Homan, Sean McBride, and Rob Caldwell named the malware “Irongate” and say it is probably a proof-of-concept that is likely not used in the wild.
Industrial control system malware are complex beasts in large part because exploitation requires knowledge of often weird, archaic, and proprietary systems.
The steep learning curve required to grok such systems limits the risk presented by the many holes they contain.
…
See Darren’s post for references on the “replay” mechanism used by “Irongate.”
What caught my attention was: “…often weird, archaic, and proprietary systems.”
Does that sound like SWIFT and financial software in general?
If SWIFT and related software have the vulnerability characteristics of Flash, the financial community is in deep doo-doo.
We won’t know until someone spends some serious time with that weird, archaic, and proprietary system known as SWIFT.
You should get an account at TotalVirus, which is reported as where “Irongate” first appeared.