John Romant's Technology Blog

If it's technology, I want to know about it.

Tag Archives: super virus

“Duqu” virus created from original Stuxnet Code. Researchers Warn of Impending Cyber Attack.

PHOTO: Researchers claim a new virus, dubbed "Duqu", could be the first step in a new Stuxnet-like cyber attack.

By LEE FERRAN
Oct. 18, 2011

A new computer virus using “nearly identical” parts of the cyber superweapon Stuxnet has been detected on computer systems in Europe and is believed to be a precursor to a new Stuxnet-like attack, a major U.S.-based cyber security company said today.

Stuxnet was a highly sophisticated computer worm that was discovered last year and was thought to have successfully targeted and disrupted systems at a nuclear enrichment plant in Iran. At the time, U.S. officials said the worm’s unprecedented complexity and potential ability to physically sabotage industrial control systems — which run everything from water plants to the power grid in the U.S. and in many countries around the world — marked a new era in cyber warfare.

Though no group claimed responsibility for the Stuxnet worm, several cyber security experts have said it is likely a nation-state created it and that the U.S. and Israel were on a short list of possible culprits.

READ: Could Cyber Superweapon Be Turned on the U.S.?

Whoever it was, the same group may be at it again, researchers said, as the authors of the new virus apparently had access to original Stuxnet code that was never made public.

The new threat, discovered by a Europe-based research lab and dubbed “Duqu”, is not designed to physically affect industrial systems like Stuxnet was, but apparently is only used to gather information on potential targets that could be helpful in a future cyber attack, cyber security giant Symantec said in a report today.

“Duqu shares a great deal of code with Stuxnet; however, the payload is completely different,” Symantec said in a blog post.

READ: Beware the Cyber War Boomerang?

Duqu is designed to record key strokes and gather other system information at companies in the industrial control system field and then send that information back to whomever planted the bug, Symantec said.

If successful, the information gleaned from those companies through Duqu could be used in a future attack on any industrial control system in the world where the companies’ products are used — from a power plant in Europe to an oil rig in the Gulf of Mexico.

“Right now it’s in the reconnaissance stage, you could say,” Symantec Senior Director for Security Technology and Response, Gerry Egan, told ABC News. “[But] there’s a clear indication an attack is being planned.”

Duqu is also not designed to spread on its own…continue reading.

%d bloggers like this: