Duqu, beginning of future Stuxnet variants

Symantec has published a study of a new threat called Duqu. The main components and modules are shown below.


Highlights from Symantec report:

  • The threat was written by the same authors as Stuxnet.
  • Duqu’s purpose is to gather intelligence data and assets from entities such as industrial infrastructure and system manufacturers, amongst others, in order to more easily conduct a future attack against another third party.
  • The attackers used Duqu to install another infostealer that can record keystrokes and collect other system information.
  • Duqu uses HTTP and HTTPS to communicate with a command and control (C&C) server.

It is also worth looking at another study, by SecureWorks.
