image credit: pxhere
The notorious Stuxnet malware, which the United States and Israel used to cause damage to Iran’s nuclear program, was designed to target SIMATIC S7-300 and S7-400 PLCs made by Siemens. Stuxnet loaded malicious code onto targeted PLCs by abusing Siemens’ STEP7 software, which is provided by the German industrial giant for programming controllers.
Stuxnet replaced a library named s7otbxdx.dll, which STEP7 uses to access a PLC, with a malicious version using a method called reflective DLL loading, which involves loading a DLL from memory. This allowed the attackers to inject their malicious code into the targeted controller.
Comments are closed.
