Symantec says that Stuxnet malware, which targeted an Iranian nuclear plant, is older than previously believed, as the earlier variants of it were in operation as early as 2005.
Symantec recently analyzed a sample of Stuxnet that predates version 1.001. Analysis of this code revealed the latest discovery to be version 0.5 and that it was in operation between 2007 and 2009 with indications that it, or even earlier variants of it, were in operation as early as 2005.
Stuxnet, one of the most sophisticated pieces of malware ever written, was discovered in 2010. This complex malware took many months to analyze and the eventual payload significantly raised the bar in terms of cyber threat capability.
Experts believe that Stuxnet damaged or destroyed centrifuges at Iran's Natanz plant in about 2009. The cyber attacks were attributed by security experts to U.S. and Israeli intelligence. Stuxnet proved that malicious programs executing in the cyber world could successfully impact critical national infrastructure.
Previously, the earliest known variant of Stuxnet was version 1.001 created in 2009.