New virus threatens Iran’s nuclear program – Duqu is essentially the precursor to a future Stuxnet-like attack

First there was the Stuxnet computer virus that wreaked havoc on Iran’s nuclear program. Now comes “Duqu,” which researchers on Tuesday said appears to be quite similar.

Security software firm Symantec said in a report that it was alerted on Friday by a research lab with international connections to malicious code that “appeared to be very similar to Stuxnet.” It was named Duqu because it creates files with “DQ” in the prefix.

The US Department of Homeland Security said it was aware of the reports and was taking action.

“Parts of Duqu are nearly identical to Stuxnet, but with a completely different purpose,” Symantec said. “Duqu is essentially the precursor to a future Stuxnet-like attack.”

The new Duqu computer virus is designed to gather data, including keystrokes, from industrial control system manufacturers to make it easier to launch an attack in the future.

“Duqu does not contain any code related to industrial control systems and is primarily a remote access Trojan (RAT),” Symantec said. “The threat does not self-replicate.”

Duqu shares “a great deal of code with Stuxnet” but instead of being designed to sabotage an industrial control system, the new virus is designed to gain remote access capabilities.

A brief statement from the Laboratory of Cryptography and System Security (CrySyS) in Hungary confirmed its participation:

Our lab, the Laboratory of Cryptography and System Security (CrySyS) participated in the discovery of Duqu malware within an international collaboration. While gathering deeper knowledge about its functionality, we have confirmed Duqu is a threat nearly identical to Stuxnet. After the thorough analysis of samples we prepared a detailed report about Duqu, named by us. We immediately provided competent organizations with the initial report in order to jointly step up in a professionally prepared way. Our research lab will provide the professional community and the public with all relevant details in the future as well. But we cannot reveal further information about the ongoing case. Instead of speculating, we encourage all professional organizations to enhance the joint process of finding a solution, since strong international collaboration will remain to play a key role.

The lab did not offer any additional details.

Duqu was created to hijack sensitive data from a handful of high-value targets. Security researchers are continuing to find new drivers associated with this attack.

About author
Enformable is focused on providing critical information about energy related topics for readers around the world. The functional goal of the project is to provide a user-friendly public resource, complete with database of supporting research materials and data.