Message to one diktator re another

Thursday, 20 October 2011

"DuQu": New Version of Stuxnet Detected

Researchers warn of new Stuxnet worm

Uranium enrichment centrifuge, SPL Stuxnet seems to have been designed to target uranium enrichment systems
Researchers have found evidence that the Stuxnet worm, which alarmed governments around the world, could be about to regenerate.
Stuxnet was a highly complex piece of malware created to spy on and disrupt Iran's nuclear programme.
No-one has identified the worm authors but the finger of suspicion fell on the Israeli and US governments.
The new threat, Duqu, is, according to those who discovered it, "a precursor to a future Stuxnet-like attack".
Its discovery was made public by security firm Symantec, which in turn was alerted to the threat by one of its customers.
The worm was named Duqu because it creates files with the prefix DQ.
Symantec looked at samples of the threat gathered from computer systems located in Europe.
Initial analysis of the worm found that parts of Duqu are nearly identical to Stuxnet and suggested that it was written by either the same authors or those with access to the Stuxnet source code.
"Unlike Stuxnet, Duqu does not contain any code related to industrial control systems and does not self-replicate," Symantec said in its blog
"The threat was highly targeted towards a limited number of organisations for their specific assets."
In other words, Duqu is not designed to attack industrial systems, such as Iran's nuclear production facilities, as was the case with Stuxnet, but rather to gather intelligence for a future attack.
The code has, according to Symantec, been found in a "limited number of organisations, including those involved in the manufacturing of industrial control systems".
Symantec's chief technology officer Greg Day told the BBC that the code was highly sophisticated.
Read the rest here.

No comments:

Post a Comment