The Stuxnet worm, aimed at the centrifuges in Iran's Natanz plant, transformed the cybersecurity field because it was the first known computer attack specifically designed to cause physical damage.
The precise origins of the worm remain unclear, but until now the earliest samples of Stuxnet had been dated to 2009.
Last June, The New York Times traced the origins of the top-secret program back to 2006.
According to CBS News, in a new report issued late Tuesday, Symantec Corp. pushed that timeline further back, saying it had found a primitive version of Stuxnet circulating online in 2007 and that elements of the program had been in place as far back as 2005.
Symantec's report suggested that an intermediate version of the worm, Stuxnet 0.5, was completed in November 2007.
That worm lacked some of the sophistication of its descendant, Symantec said, and was designed to interfere with the centrifuges by opening and closing the valves that control the flow of uranium gas, causing a potentially damaging buildup in pressure.
According to the report, Symantec said the servers used to control the primitive worm were set up in November 2005, suggesting that Stuxnet's trailblazing authors were plotting out their attack at a time when many parts of the Internet now taken for granted were not yet in place.
Twitter did not exist, Facebook was still largely limited to U.S. college campuses, and YouTube was in its infancy, the report said.
Washington: The computer worm that targeted an Iranian nuclear plant is older than previously believed, security experts from an anti-virus company have revealed.
First Published: Thursday, February 28, 2013, 14:05