[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ISN] 7 Facts On Duqu Malware Attacks
http://www.informationweek.com/news/security/attacks/231903138
By Mathew J. Schwartz
InformationWeek
November 16, 2011
New information continues to emerge about the Duqu malware that was
designed to steal information relating to industrial control systems.
The latest analysis of the Duqu malware has found that one of the
components used in the attack was compiled in 2007. But Duqu was used in
a targeted attack as recently as April 2011, pointing to a possible
four-year attack campaign by Duqu's authors, whose identities and
affiliations remain unknown.
What is known, however, is that to date, Duqu infected organizations in
at least eight countries--including Iran--in part by using a
still-unpatched Windows zero-day vulnerability. Furthermore, as
researchers continue to study Duqu variants, these findings have
emerged:
1. Duqu was a boutique exploit.
To date, researchers have discovered "12 unique sets of Duqu files,"
said Alexander Gostev, chief security expert at Kaspersky Lab and author
of a recent Duqu report. That's significant, since "for every victim, a
separate set of attack files was created," he said via email.
[...]
_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn