Microsoft software bug linked to "Duqu" virus

News of Duqu surfaced in October when security software maker Symantec Corp said it had found a mysterious computer virus that contained code similar to Stuxnet, a piece of malicious software believed to have wreaked havoc on Iran's nuclear program.

Government and private investigators around the world are racing to unlock the secret of Duqu, with early analysis suggesting that it was developed by sophisticated hackers to help lay the groundwork for attacks on critical infrastructure such as power plants, oil refineries and pipelines.

Details on how Duqu got onto infected machines emerged for the first time on Tuesday as Microsoft disclosed its link to the infection.

Separately, Symantec researchers said they believe hackers sent the virus to targeted victims via emails with tainted Microsoft Word documents attached.

If a recipient opened the Word document and infected the PC, the attacker could take control of the machine and reach into an organization's network to propagate itself and hunt for data, Symantec researcher Kevin Haley told Reuters.

He said some of the source code used in Duqu was also used in Stuxnet, a cyber weapon believed to have crippled centrifuges that Iran uses to enrich uranium.

That suggests that the attackers behind Stuxnet either gave that code to the developers of Duqu, allowed it to be stolen, or are the same people who built Duqu, Haley said.

"We believe it is the latter," he said.

Subscribe to our Newsletter

Search ALL Articles

Managed V. Non-Managed

 
NON-MANAGED=REACTIVE
MANAGED=PROACTIVE
 
 

ourprivacy.org

US-CERT Latest Warnings

Latest US-CERT Released Warnings