Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon

by Kim Zetter

If an antivirus engine grew suspicious of the files in memory and tried to examine them, Stuxnet was prepared for this as well. Because it controlled parts of the Windows API responsible for displaying the attributes of files, it simply tricked the scanner into thinking the files were empty, essentially telling it, “Nothing to see here, move along.”3