By William Jackson
On June 24, local time, the replication routines in Stuxnet turned themselves off, effectively halting the spread of the sophisticated cyber weapon.
According to researchers who have analyzed Stuxnet code, it was a feature, not a bug.
“The code will still run, but one of the first things it does when it starts running is check the date” of the machine in which it has been installed, said Liam O Murchu, manager of operations for Symantec Security Response. If the date is after June 24, 2012, it no longer copies itself to USB memory sticks, the malware’s preferred means of spreading.
The configuration file containing the kill date could be updated, but no signs of this were seen in any iterations of the code, O Murchu said. Once deactivated, “it would be difficult to get it to reactivate,” he added, indicating that the shutdown was planned.
Source: Government Computer News