Duqu – malware almost identical to Stuxnet worm

The recent malware attack, Duqu, has almost identical parts of its code base to infamous Stuxnet worm, says Symantec. According to experts, that’s too early to claim that these two viruses have been released by the same scammers who managed to paralyze an Iranian nuclear fuel plant last year, but Duqu creators are likely to have the ability to reach its source code. These components are related to driver files helping for the scam to download additional malware components.

Duqu threat, which has been noticed on October 14, was named so according to its ability to create files with the file name prefix “~DQ”. Experts say that it is a typical remote access Trojan which has been used toward limited number of organizations. It is designed to help to install another malware capable to record keystrokes and get other system information which can be used in the future attacks.

Source: symantec.com

Like us on Facebook