… this is just too interesting not to comment:

http://arstechnica.com/security/2013/03/the-worlds-most-mysterious-potentially-destructive-malware-is-not-stuxnet/

Basically, this is one of the most well-engineered pieces of malware, so much so that researchers still don’t know how it spreads. I highly recommend you read the whole thing, but here are some highlights about the malware:

  • Cryptographically obfuscated payload – the key is the configuration of the target machine.
  • Unknown attack vector
  • Well-engineered load-balancing of C&C servers
  • Inexplicable other behaviors, such as installing a new font (?)

The bottom line is that this is the most interesting piece of malware I’ve seen in a long time, all seemingly from the authors of Stuxnet (supposedly the US or Israeli government).