Duqu exploits zero-day vulnerability for distribution

We have already reported on the Duqu rootkit, a dangerously designed virus that exploits a zero-day vulnerability in Windows. You may also have heard that this threat is the latest combination of the Stuxnet rootkit and a backdoor Trojan, which makes it even more dangerous for PC users. On closer inspection, the Duqu rootkit is powerful enough to attack both 32-bit and 64-bit editions of the Microsoft Windows OS. Once it has done so, it runs for 36 days and collects everything that is entered on the keyboard. That means all passwords, emails, conversations, logins and even credit card information are sent to its creators!

It seems that Duqu is mostly distributed as a Microsoft Word document (.doc) which exploits a Windows kernel vulnerability and, after being opened, executes malicious code to install the virus. Although it was discovered on October 18, not all security programs manage to find this cyber threat and remove it successfully. Microsoft and other security software makers claim to be working on a patch that helps protect systems against the Duqu infection, which has already been noticed in France, Switzerland, India, the United Kingdom, Austria and the Netherlands.

If you think you may be infected with Duqu or another rootkit (such as Rootkit.TDSS), run an updated anti-malware program to check the system for viruses. In addition, avoid opening Word documents locally and use online viewers (Google Docs, Docs.com, etc.) instead.

Source: symantec.com

