Hackers are merely leaving infected USB sticks around, which copy to the victim's machine and copy to any new USB sticks discovered...
Here's the catch: these infected sticks are starting to see code to communicate with and upload to microcontrollers. In one example, infecting via a stick inside a nuclear station, where it spread machine to machine looking for hardware controllers, then speeding up the servos or slowing them down to destroy rods, I think...
You seem to be talking about the Stuxnet worm, which could attack Programmable Logic Controllers (PLCs). It seems to be very sophisticated and required large resources to develop.
USBs are now spreading malware in the same way floppy disks used to.
I can see the PC on which you run your IDE getting infected, though I doubt the Arduino could get infected in any meaningful way, i.e., somebody being able to control something.
radman:
You seem to be talking about the Stuxnet worm, which could attack Programmable Logic Controllers (PLCs). It seems to be very sophisticated and required large resources to develop.
USBs are now spreading malware in the same way floppy disks used to.
I can see the PC on which you run your IDE getting infected, though I doubt the Arduino could get infected in any meaningful way, i.e., somebody being able to control something.
And those PLCs were usually plugged into computers running unpatched or pirated versions of Windows XP.
It's a really cool attack vector though. Just buy a bunch of bulk USB drives on eBay, load a virus, sprinkle them around in the parking lot of "Competing Company A", and then profit. Smart sysadmins disable auto-run and USB ports though.
The problem is, a lot of these older industrial control programs only run on old operating systems. They cost so much to initially develop, that the company doesn't want to pay a programmer to make a new controller. It wouldn't be too big of a deal, but people can't live without Facebook and Twitter now, so these machines are plugged into the local network so their users can screw around all day instead of working.
wizdum:
And those PLCs were usually plugged into computers running unpatched or pirated versions of Windows XP.
That reads as the words of some spokesman of Microsoft trying to convince the world to buy their latest products (over and over and over again).
Unpatched computers are no problem whatsoever and are more or less standard in SCADA systems that are not connected to any network other than the internal one.
That means no internet connection whatsoever.
Internet has no business in nuclear reactor control rooms.
Patching systems that are part of critical (nuclear) processes is something that has to be tested extensively before applying that patch.
You won't be able to do that every "Patch Tuesday".
So if the base is stable, and you have no external (network) connections, why would you need to patch/update when you don't know what that will do to stability?
If you do need to backup or update/restore the SCADA application, you should use media that is only used for that goal and that is loaded from a system that meets the same conditions or is up to date.
Internet has no business in nuclear reactor control rooms.
Did you check Homer Simpson?
More serious, I think you mean:
The computers in the control room controlling the nuclear reactor should never be connected to the Internet.
There may be additional computers for communication documentation simulation etc
wizdum:
And those PLCs were usually plugged into computers running unpatched or pirated versions of Windows XP.
That reads as the words of some spokesman of Microsoft trying to convince the world to buy their latest products (over and over and over again).
Unpatched computers are no problem whatsoever and are more or less standard in SCADA systems that are not connected to any network other than the internal one.
That means no internet connection whatsoever.
Internet has no business in nuclear reactor control rooms.
Patching systems that are part of critical (nuclear) processes is something that has to be tested extensively before applying that patch.
You won't be able to do that every "Patch Tuesday".
So if the base is stable, and you have no external (network) connections, why would you need to patch/update when you don't know what that will do to stability?
If you do need to backup or update/restore the SCADA application, you should use media that is only used for that goal and that is loaded from a system that meets the same conditions or is up to date.
I have no love for MS, so take that crap elsewhere. One of the early patches for Windows XP removed the USB Autorun "feature". So yes, a Patch Tuesday patch would have prevented that. There are more complex auto-execution hacks, but they still require the user to run them manually (and hopefully people working in these places know not to run random .exe files they find on a thumb drive in the parking lot). Windows XP is 12 years old. Is 12 years enough time to "test extensively before applying that patch"? As I said in my previous post, these systems were never supposed to be online in the first place, but they are placed on the public network to make users happy. The problem is threefold: lazy sysadmins, cheap upper management, and outdated software. Obviously jumping on the RTM version of Windows 8.1 is a bad idea, but how about trying an OS that was created in THIS decade? Or better yet, get rid of Windows entirely and use a stripped-down variant of Linux with no GUI or USB support.
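The two host-side mitigations the thread keeps coming back to, Autorun being disabled and USB mass storage being blocked, can be audited from the registry. This is an added read-only check script, not code from any poster; it assumes the standard Explorer policy keys and the USBSTOR service key, and reads the values without changing anything.

```powershell
# Added example: audit Autorun policy and USB mass-storage state on a Windows host.
# Read-only; the paths below are the standard policy locations (assumption: no GPO
# has redirected them).

function Get-AutorunPolicy {
    # NoDriveTypeAutoRun is a bitmask of drive types with AutoRun disabled;
    # 0xFF (255) disables it for every drive type, including removable media.
    $paths = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    )
    foreach ($p in $paths) {
        $item = Get-ItemProperty -Path $p -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
        if ($null -eq $item) {
            # No policy value present at this scope: the Windows default applies.
            [pscustomobject]@{ Scope = $p.Split(':')[0]; Value = 'not set'; AllDisabled = $false }
        } else {
            $v = [int]$item.NoDriveTypeAutoRun
            [pscustomobject]@{ Scope = $p.Split(':')[0]; Value = ('0x{0:X2}' -f $v); AllDisabled = (($v -band 0xFF) -eq 0xFF) }
        }
    }
}

function Get-UsbStorageState {
    # USBSTOR 'Start' value: 3 = demand start (mass storage works when plugged in),
    # 4 = disabled (USB drives are not mounted at all).
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR'
    $start = (Get-ItemProperty -Path $key -Name Start -ErrorAction SilentlyContinue).Start
    [pscustomobject]@{ Service = 'USBSTOR'; Start = $start; Disabled = ($start -eq 4) }
}

# Report both findings; a hardened host shows AllDisabled = True and Disabled = True.
Get-AutorunPolicy | Format-Table -AutoSize
Get-UsbStorageState | Format-Table -AutoSize
```

Run it in an elevated PowerShell session so the HKLM keys are readable; a missing HKLM value means the box is relying on the OS default rather than an explicit policy.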
these infected sticks are starting to see code to communicate and upload to microcontrollers [PLCs] in one example infecting via the stick inside a nuclear station [uranium enrichment plant] where it dpread [sic] machine to machine looking for hardware controllers then speeding up the servos [gas centrifuges] or slowing thrm [sic] down to destroy rods [disrupt yield] i think...
wizdum:
And those PLCs were usually plugged into computers running unpatched or pirated versions of Windows XP.
I have dozens of PLCs under my control at work; none of them require attachment to a PC, and when they do it's typically via a GPIO interface (ISA, PCI, USB, whatever) sending single bits on single channels.
Not saying that machines don't use direct computer connections over some bus, but it's typically a very simple bus, much like an Arduino... so unless you're saving raw data from a PLC, packing it up and running it as a Windows exe, it's not that big of a deal.
wizdum:
And those PLCs were usually plugged into computers running unpatched or pirated versions of Windows XP.
I have dozens of PLCs under my control at work; none of them require attachment to a PC, and when they do it's typically via a GPIO interface (ISA, PCI, USB, whatever) sending single bits on single channels.
Not saying that machines don't use direct computer connections over some bus, but it's typically a very simple bus, much like an Arduino... so unless you're saving raw data from a PLC, packing it up and running it as a Windows exe, it's not that big of a deal.
I'm not sure how these were interfaced with a Windows PC, but they were able to change some of the instructions for the PLCs from the Windows environment. Wikipedia says they used this: WinCC.
Stuxnet installs malware into memory block DB890 of the PLC that monitors the Profibus messaging bus of the system.[40] When certain criteria are met, it periodically modifies the frequency to 1410 Hz and then to 2 Hz and then to 1064 Hz, and thus affects the operation of the connected motors by changing their rotational speed.[46] It also installs a rootkit – the first such documented case on this platform – that hides the malware on the system and masks the changes in rotational speed from monitoring systems.
The other kinds of SCADA "vulnerabilities" are as you say, not a big deal. The one that comes to mind is a nuclear power plant in France. The system is on the internet, and you can access it remotely using default telnet credentials. The only thing it gets you is a page of statistics. You can see their total power output, output per reactor, temperatures, stuff like that.