“They are copying the design philosophy,” says Schouwenberg, adding that one now-popular technique found in conventional “criminal malware” was inspired by the discovery of Stuxnet.
For example, Stuxnet installed fake device drivers using digital security certificates stolen from two Taiwanese computer component companies, allowing the drivers to sneak past any security software. Other malware now uses fake certificates in a similar way to hide malicious software from antivirus programs.
“Stuxnet was the first really serious malware with a stolen certificate, and it’s become more and more common ever since,” says Schouwenberg. “Nowadays you can see use of fake certificates in very common malware.”
Aviv Raff, chief technology officer and cofounder of Israeli computer security firm Seculert, agrees. “Design features of Stuxnet, Duqu, and Flame are appearing in opportunistic criminal malware,” he says.