nsane.forums Posted March 20, 2012 Share Posted March 20, 2012 Security researchers at Symantec discover a new Duqu driver compiled in February 2012. Security researchers at Symantec has flagged a new variant of the Duqu cyber-espionage Trojan, a clear sign that the attacks are still ongoing. The latest Duqu driver was compiled in February 2012, more than four months after Duqu was first flagged as a unique piece of malware “striking similarities” to Stuxnet, the mysterious computer worm that targeted nuclear facilities in Iran. Symantec identified the newly compiled Duqu driver as mcd9×86.sys and said it contains no new functionality beyond spying and collecting data from infected machines. Duqu is a highly specialized Trojan capable of gathering intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. Kaspersky Lab’s Costin Raiu says the latest variant has been engineered to escape detection by the open-source Duqu detector toolkit released by CrySyS Lab. View: Original Article Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.