{"id":341,"date":"2011-10-31T10:53:29","date_gmt":"2011-10-31T08:53:29","guid":{"rendered":"http:\/\/saisa.eu\/blogs\/Guidance\/?p=341"},"modified":"2011-10-31T12:32:46","modified_gmt":"2011-10-31T10:32:46","slug":"duqu-beginning-of-future-stuxnet-variants","status":"publish","type":"post","link":"https:\/\/saisa.eu\/blogs\/Guidance\/?p=341","title":{"rendered":"Duqu, beginning of future Stuxnet variants"},"content":{"rendered":"<p>Symantec has published a <a title=\"W32.Duqu, The precursor to the next Stuxnet\" href=\"http:\/\/www.symantec.com\/content\/en\/us\/enterprise\/media\/security_response\/whitepapers\/w32_duqu_the_precursor_to_the_next_stuxnet.pdf\">study<\/a> of a new threat called Duqu. Its main components and modules are shown below.<\/p>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2011\/10\/duqu.png\"><img loading=\"lazy\" height=\"596\" alt=\"duqu\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2011\/10\/duqu-small.png\" width=\"640\" \/><\/a><\/p>\n<p>Highlights from the Symantec report:<\/p>\n<ul>\n<li>The threat was written by the same authors as Stuxnet<\/li>\n<li>Duqu\u2019s purpose is to <strong>gather intelligence data<\/strong> and assets from entities such as industrial infrastructure and system manufacturers, amongst others, in order to more easily conduct a future attack against another third party.<\/li>\n<li>The attackers used Duqu to install another infostealer that can record keystrokes and collect other system information.<\/li>\n<li>Duqu uses HTTP and HTTPS to communicate with a command and control (C&amp;C) server<\/li>\n<\/ul>\n<p>It is also worth looking at another study by <a title=\"Duqu Trojan Questions and Answers\" href=\"http:\/\/www.secureworks.com\/research\/threats\/duqu\/\">SecureWorks<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Symantec has published a study of a new threat called Duqu. Its main components and modules are shown below. 
Highlights from the Symantec report: The threat was written by the same authors as Stuxnet Duqu\u2019s purpose is to gather intelligence data and assets from &hellip; <a href=\"https:\/\/saisa.eu\/blogs\/Guidance\/?p=341\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[47],"tags":[],"_links":{"self":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts\/341"}],"collection":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=341"}],"version-history":[{"count":1,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts\/341\/revisions"}],"predecessor-version":[{"id":342,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts\/341\/revisions\/342"}],"wp:attachment":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=341"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=341"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=341"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}