SecurityWeek reports that more details regarding the Stuxnet malware, which is thought to be co-developed by the U.S. and Israel in 2010 to target Iran's nuclear infrastructure-related industrial control systems, have emerged following a two-year probe by De Volkskrant, a Dutch newspaper.
Investigation by De Volkskrant revealed that an Iranian nuclear facility was compromised with Stuxnet through a water pump by Dutch engineer Erik van Sabben under the orders of the Netherlands' General Intelligence and Security Service, which reportedly did not notify the Dutch government regarding the operations after being sought by American and Israeli intelligence agencies.
Such a claim was not confirmed by then-CIA Chief Michael Hayden, who noted in an interview with the publication that information regarding Stuxnet remains classified, but researcher Ralph Langner said that the malware could not be carried by a water pump.
Meanwhile, Stuxnet was noted by the Dutch newspaper's sources to have cost from $1 billion to $2 billion but such figures have been disputed by WithSecure Chief Research Officer Mikko Hypponen and former Kaspersky Research Team Director Costin Raiu.
Malicious updates have been recently issued to the Python Package Index package "django-log-tracker," which was last modified in April 2022, to facilitate the distribution of the Nova Sentinel information-stealing malware, The Hacker News reports.