Stuxnet: Zero Victims

The title should read something like &quot;Initial victims&quot;. The article isn&#x27;t claiming there weren&#x27;t any victims; it&#x27;s just the opposite, that there were multiple (5) primary sites affected by the attack, which they attempt to pinpoint and analyze.<p>I guess the chose the title by analogy with the term &quot;patient zero&quot;, since &quot;patients zero&quot; wouldn&#x27;t have quite made sense.

In reading this, I&#x27;m astonished at how primitive Stuxnet was. If I were writing a worm that saved information on infected systems, I would have:<p><pre><code> created a public&#x2F;private key pair included the public key in the worm encrypted interesting stuff with the public key </code></pre> That way nobody would be able to decrypt any of the information saved by the worm if they didn&#x27;t know the private key.<p>Does that make sense or am I missing something obvious? Why did Stuxnet keep a cleartext embedded trail of systems it traversed? I can&#x27;t grok that at all.

Please change the submission to a secure URL: <a href="https://securelist.com/analysis/publications/67483/stuxnet-zero-victims/" rel="nofollow">https:&#x2F;&#x2F;securelist.com&#x2F;analysis&#x2F;publications&#x2F;67483&#x2F;stuxnet-z...</a>

&gt; The name could mean that the initial infection affected some server named after our anti-malware solution installed on it.<p>Unlikely to be a server given that OS version number on the &quot;KASPERSKY ISIE&quot; line is 5.1, which corresponds to that of Windows XP [+].<p>&gt; KALASERVER, ANTIVIRUSPC, NAMADSERVER: judging by the names, there were at least two servers involved in this case too.<p>..also judging by the &quot;5.2&quot; on each line, which corresponds to the OS version of Windows Server 2003 (including R2). &quot;5.2&quot; also could indicate Windows XP 64-bit Edition, but that seems much less likely to be the case.<p>[+] <a href="http://msdn.microsoft.com/en-us/library/windows/desktop/ms724832%28v=vs.85%29.aspx" rel="nofollow">http:&#x2F;&#x2F;msdn.microsoft.com&#x2F;en-us&#x2F;library&#x2F;windows&#x2F;desktop&#x2F;ms72...</a>