Industry Online Support
Technical Forum
10/12/2010 2:28 PM | |
Joined: 10/12/2010 Last visit: 9/4/2024 Posts: 1 Rating: (1) |
Hello, Experts I read the following information on the internet: Let’s now take a look at how access to the PLC works when Stuxnet is installed. When executed, Stuxnet renames the original s7otbxdx.dll file to s7otbxsx.dll. It then replaces the original DLL with its own version. Stuxnet can now intercept any call that is made to access the PLC from any software package. The information on the internet speaks about Infection on WinCC/PCS7 PCsManny applications make use of S7otbxdx.dll, like Step7, prodave, winccflexible (PC environment) Question:Am I right that the virus also can be activated on pc with the installed software mentioned above and not only Wincc and/or PCS7 environments? .
Splitted from Virus Stuxnet injects Step7 code into OB 35.. |
Last edited by: O_Moderator at: 10/15/2010 8:33 AMnew subject after splitting |
|
10/24/2010 12:09 AM | |
Joined: 1/7/2006 Last visit: 11/17/2023 Posts: 2705 Rating: (318) |
Hi, The virus is especially made for PCS7/WinCC, if you read the information well the blocks that are used are not possible in a S7-300 because the numbers are to high, Further the need of the DP-blocks is never used in a S7-400.... If the viruskiller on your PC is up-to-date and the security packages from Windows are installed then it is not possible that the virus can do anything, so is it important to hold this software always up-to-date. See also the link on the webpage from Siemens. SIMATIC WinCC / SIMATIC PCS 7: Information concerning Malware / Virus / Trojan |
I hope that the answer will help, if you have still questions, don't hesitate to ask me. |
|
Follow us on