Published in News

New form of Stuxnet spotted

y exclamation

Uses the original source code

Symantec says it is looking under the bonnet of a new threat that shares a great deal of code in common with the infamous Stuxnet malware.

Stuxnet was believed to have been penned by spooks in Israel and the US to wipe out the Iranian nuclear industry.
However Symantec  claims that the authors of this new threat, dubbed Duqu, had access to the Stuxnet source code, not just Stuxnet binaries.

Thus, it is possible Duqu was created by the same attackers that created Stuxnet. Duqu's purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility.

A Symantec spokesman said that  Duqu is the precursor to a future Stuxnet-like attack.

More details can be found on Symantec's blog here.


Last modified on 19 October 2011
Rate this item
(0 votes)

Read more about: