Duqu virus uses Stuxnet DNA to mine industrial data

October 19, 2011

The computer code behind the Duqu virus appears to built on the same code as infamous virus Stuxnet. Image: Flickr / pablobd / CC-BY-SA
The computer code behind the Duqu virus appears to built on the same code as infamous virus Stuxnet. Image: Flickr / pablobd / CC-BY-SA

In June 2010, a computer worm known as Stuxnet was found in Iranian nuclear-control computers. This week, a similar computer virus, dubbed Duqu, has been discovered in European industrial control computers.

Symantec discovers Duqu

Computer security firm Symantec announced on its website Tuesday that it has discovered a computer virus dubbed Duqu. The computer virus reportedly contains “very similar” programming to the Stuxnet virus. The researchers at Symantec believe that Duqu, so named because it creates files with ~DQ at the beginning, was programmed by someone with direct access to the Stuxnet source code. The virus is not the same, but it is very similar.

What Duqu does

Rather than directly controlling or attacking computers, Duqu gathers information. Once Duqu has infected a computer, it provides a stolen security certificate, contacts a server in India, downloads additional code, then mines the computer for information, sending it back to the server via encrypted JPG files. This makes the traffic look like normal web traffic, and after 36 days the virus removes itself from the computer. Thus far, at least three variants of Duqu have been identified in European industrial control companies. Researchers theorize that the virus is intended to download sensitive information that could be used to launch further, destructive effects.

A new era of cyberwarfare

When Stuxnet was originally activated and then discovered, it was hailed as the “first shot in a new cyber war.” Duqu appears to be a second attack in this virtual war. Duqu has only been discovered on a few computers that are part of European electronics and control manufacturing systems. The control systems of many high-value targets are run on computer systems with known or easily exploitable vulnerabilities.

Educational group may have discovered Duqu

Though Symantec was the group to research and announce the discovery of Duqu, the company does not claim to have discovered the virus. Instead, Symantec was alerted of the existence of Duqu by a “research lab with strong international connections” that wishes to remain anonymous.

Sources

Tehran Times: http://www.tehrantimes.com/world/3736-west-gets-taste-of-their-own-medicine-as-new-stuxnet-targets-europe/
Wall Street Journal: http://blogs.wsj.com/tech-europe/2011/10/19/son-of-stuxnet-virus-uncovered/?mod=google_news_blog
New York Times: http://www.nytimes.com/2011/10/19/technology/stuxnet-computer-worms-creators-may-be-active-again.html

Post By bryanh (1,397 Posts)

Connect

Do you have a fantastic idea related to this article, but just don't have the money you need to start your own company or side-business? Get the loans you need from https://personalmoneynetwork.com to help get your new company underway, from the small loan professionals at PersonalMoneyNetwork.

PG&E to pay $70 million for pipeline tragedy

Pacific Gas and Electric was responsible for a pipeline explosion that killed eight in 2010. Image: juggernautco/Flickr/CC BY

Pacific Gas and Electric Co., a northern California utility, has agreed to pay $70 million to the California town of San Bruno for a pipeline explosion that killed eight people in 2010. Company says it’s remorseful The San Francisco-based power company’s president, Chris Johns, released a statement Monday, saying PG&E is sorry and eager to [...]

Judge stabbed and deputy shot in Washington courthouse

Grays Harbor County Courthouse. Image: MiK/Flickr/CC BY-SA

Following a standoff in a Washington state county courtroom Friday, a man reportedly escaped after shooting a sheriff’s deputy in the shoulder and stabbing a judge in the neck. The man is still at large. Treachery among the tree farms The incident occurred Friday afternoon in the western Washington town of Montesano, which bills itself [...]

Microraptor was one flashy little dinosaur

This Microraptor fossil is preserved at China's Shandong Tianyu Museum of Nature. Image: Hello, I am Bruce/Flickr/CC BY-SA

A team of Chinese and American scientists have found that Microraptor, a small four winged dinosaur that went extinct about 130 million years ago, was likely black and almost certainly had glossy, iridescent feathers. Until now, the coloring of extinct creatures was a matter of pure speculation. That may no longer be the case. The [...]

Autocorrected message leads to school lockdown

The Gainesville, Ga. Homage to the Sun presides over anotehr day as a piotential tragedy turns out to be a mistake. Image" Olaf/Flickr/CC BY-SA

Adjacent schools in Georgia were locked down for two hours Wednesday after a text message reportedly warned of a “gunman” on campus. Later, it was learned that the message was the result of a smartphone autocorrect function, attempting to “fix” the misspelled slang word “gunna.” A series of mixups A series of mixups led to [...]

Recent Posts by

Coca-Cola has begun to use a different kind of caramel color to avoid a cancer label. (Photo Credit: Public Domain/Cane cane/Wikipedia)