It seems wholly unsurprising that malware targeting a specific airgapped network would also spread through other networks through whichever means are used to breach the airgap.

> Later "public" appearances appear to be from proximal but unrelated sources & showed variations in code content that suggest a lower skilled operator had altered the original code.

What modifications are you referring to? This documentary makes a vague claim that Israelis modified the spreading code to be more aggressive, but doesn’t really substantiate it.

The documentary certainly doesn’t claim that the changes made by the Israelis weren’t necessary for the operation to succeed.

I haven't seen the doc but I've read Countdown to Zero Day and I'm not sure I agree (or maybe I'm misunderstanding). The worm was designed to spread as aggressively as possible, but to remain imperceptible on any system except for the target system.

While they probably planted it in close proximity to the target, they had to know that it was going to spread throughout the world. I don't think that was the result of taking it a step too far, rather it was a result of the core strategy.

That's interesting. I had no idea that it was recoded and rereleased into the wild. Could it have been Israel? It definitely doesn't sound like something the US would do. Maybe Iran after discovering it tried to repurpose it?

I was always under the impression that it got out because the original attack vector was via a USB with some boss's naked wife on their, incentivizing him to bring it into the office... Then they also brought it out