Keyword: duqu

  • Duqu 2.0 malware buried into Windows PCs using stolen Foxconn certs (Signed by Chinese factory)

    06/15/2015 8:24:50 PM PDT · by dayglored · 38 replies
    The Register ^ | June 15, 2015 | John Leyden
    The super-sophisticated malware that infiltrated Kaspersky Labs is more crafty than first imagined. We're told that the Duqu 2.0 software nasty was signed using legit digital certificates issued to Foxconn – a world-leading Chinese electronics manufacturer, whose customers include Microsoft, Dell, Google, BlackBerry, Amazon, Apple, and Sony. The code-signing was uncovered by researchers at Kaspersky Lab, who are studying their Duqu 2.0 infection. Windows trusts Foxconn-signed code because the Chinese goliath's certificate was issued by VeriSign, which is a trusted certificate root. Thus, the operating system will happily load and run the Foxconn-signed Duqu 2.0's 64-bit kernel-level driver without setting...
  • Israel-Linked Spy Virus Discovered At Hotels Used For Iran Nuclear Talks

    06/10/2015 1:11:53 PM PDT · by Theoria · 26 replies
    NPR ^ | 10 June 2015 | Eyder Peralta
    Earlier this spring, the cybersecurity firm Kaspersky was testing an advanced antivirus software on one of its computers when it stumbled on something big: As the Moscow-based company puts it, it was "one of the most skilled, mysterious and powerful" spy viruses in the world. The piece of software was so sophisticated that it left few traces. It didn't leave files on the disk drive, and to stay hidden, it burrowed inside a computer's kernel memory, which is the place where a computer's most basic software is kept. Kaspersky says it assigned a team to watch its movements, and the team...
  • Powerful "Flame" cyber weapon found in Middle East

    05/28/2012 10:43:14 AM PDT · by bkopto · 24 replies
    Yahoo News ^ | 5/28/2012 | Jim Finkle
    Security experts have discovered a new data-stealing virus dubbed Flame they say has lurked inside thousands of computers across the Middle East for as long as five years as part of a sophisticated cyber warfare campaign. It is the most complex piece of malicious software discovered to date, said Kaspersky Lab security senior researcher Roel Schouwenberg, whose company discovered the virus. The results of the Lab's work were made available on Monday. Schouwenberg said he did not know who built Flame. If the Lab's analysis is correct, Flame could be the third major cyber weapon uncovered after the Stuxnet virus...
  • Duqu, Stuxnet malware developed by same group (screwed Iran - big time)

    01/26/2012 6:57:32 PM PST · by Libloather · 29 replies
    Newsbytes ^ | 1/20/12
    Duqu, Stuxnet malware developed by same group. Posted on 20 Jan 2012 at 2:29pm. The infamous Trojan software Duqu and Stuxnet were developed by only one group of malware developers, according to Internet security firm Kaspersky Lab. In fact, Kaspersky said the malware development team could already have developed other malwares using the same platform that was flexibly adaptable to specific targets. Kaspersky released a report stating that Duqu and Stuxnet, as well as a number of malware discovered in 2011 were using a development platform called “Tilded,” citing the use of the tilde symbol (“~”) in many of these malware....
  • 'Stuxnet virus used on Iran was 1 of 5 cyberbombs'

    12/30/2011 11:58:54 AM PST · by bkopto · 8 replies
    YNET News ^ | 12/29/2011 | Staff
    The Stuxnet virus that last year damaged Iran's nuclear program was likely one of at least five cyber weapons developed on a single platform whose roots trace back to 2007, according to new research from Russian computer security firm Kaspersky Lab. SNIP Stuxnet has already been linked to another virus, the Duqu data-stealing trojan, but Kaspersky's research suggests the cyber weapons program that targeted Iran may be far more sophisticated than previously known. Kaspersky's director of global research & analysis, Costin Raiu, told Reuters on Wednesday that his team has gathered evidence that shows the same platform that was used...
  • First came Stuxnet computer virus, now there's Duqu

    10/19/2011 11:07:47 PM PDT · by fso301 · 5 replies
    The Jerusalem Post ^ | Oct 20, 2011 | REUTERS
    Computer virus similar to Stuxnet detected in Europe; designed to capture keystrokes and gain remote access; US issues public alert. WASHINGTON - First there was the Stuxnet computer virus that wreaked havoc on Iran's nuclear program. Now comes "Duqu," which researchers on Tuesday said appears to be quite similar. Security software firm Symantec said in a report it was alerted by a research lab with international connections on Friday to a malicious code that "appeared to be very similar to Stuxnet." It was named Duqu because it creates files with "DQ" in the prefix. The US Department of Homeland Security...
  • Stuxnet Clone Found, Possibly Preparing For Power Plant Attacks

    10/19/2011 3:35:47 AM PDT · by edpc · 31 replies
    ANI via Yahoo News ^ | 19 Oct 2011 | ANI
    Washington, Oct.19 (ANI): Security researchers have detected a new Trojan, scarily similar to the infamous Stuxnet worm, which could disrupt computers controlling power plants, oil refineries and other critical infrastructure networks. The Trojan, dubbed "Duqu" by the security firm Symantec, appears, based on its code, to have been written by the same authors as the Stuxnet worm, which last July was used to cripple an Iranian nuclear-fuel processing plant, Fox News reports.