In June 2010, a computer worm known as Stuxnet was found in Iranian nuclear-control computers. This week, a similar computer virus, dubbed Duqu, has been discovered in European industrial control computers.
Symantec discovers Duqu
Computer security firm Symantec announced on its website Tuesday that it has discovered a computer virus dubbed Duqu. The computer virus reportedly contains “very similar” programming to the Stuxnet virus. The researchers at Symantec believe that Duqu, so named because it creates files with ~DQ at the beginning, was programmed by someone with direct access to the Stuxnet source code. The virus is not the same, but it is very similar.
What Duqu does
Rather than directly controlling or attacking computers, Duqu gathers information. Once Duqu has infected a computer, it provides a stolen security certificate, contacts a server in India, downloads additional code, then mines the computer for information, sending it back to the server via encrypted JPG files. This makes the traffic look like normal web traffic, and after 36 days the virus removes itself from the computer. Thus far, at least three variants of Duqu have been identified in European industrial control companies. Researchers theorize that the virus is intended to download sensitive information that could be used to launch further, destructive effects.
A new era of cyberwarfare
When Stuxnet was originally activated and then discovered, it was hailed as the “first shot in a new cyber war.” Duqu appears to be a second attack in this virtual war. Duqu has only been discovered on a few computers that are part of European electronics and control manufacturing systems. The control systems of many high-value targets are run on computer systems with known or easily exploitable vulnerabilities.
Educational group may have discovered Duqu
Though Symantec was the group to research and announce the discovery of Duqu, the company does not claim to have discovered the virus. Instead, Symantec was alerted of the existence of Duqu by a “research lab with strong international connections” that wishes to remain anonymous.
Tehran Times: http://www.tehrantimes.com/world/3736-west-gets-taste-of-their-own-medicine-as-new-stuxnet-targets-europe/
Wall Street Journal: http://blogs.wsj.com/tech-europe/2011/10/19/son-of-stuxnet-virus-uncovered/?mod=google_news_blog
New York Times: http://www.nytimes.com/2011/10/19/technology/stuxnet-computer-worms-creators-may-be-active-again.html
Do you have a fantastic idea related to this article, but just don't have the money you need to start your own company or side-business? Get the loans you need from https://personalmoneynetwork.com to help get your new company underway, from the small loan professionals at PersonalMoneyNetwork.