Detections
Analytics

Stuxnet Infected Host Detection

critical Nessus Network Monitor Plugin ID 5738

Synopsis

The remote host has been compromised and is running a 'Backdoor' program

Description

The remote host is running the Stuxnet trojan. This was determined based on the RPC UUID. Stuxnet is a Trojan which uses multiple vulnerabilities to infect and spread to nearby hosts. Ultimately, the Trojan attempts to gain access to a SCADA network.

Solution

Manually clean the infected machine

Plugin Details

Severity: Critical

ID: 5738

Family: Backdoors

Published: 12/6/2010

Updated: 1/15/2016

Vulnerability Information

Vulnerability Publication Date: 7/1/2010