Security researchers at Symantec has flagged a new variant of the Duqu cyber-espionage Trojan, a clear sign that the attacks are still ongoing.
The latest Duqu driver was compiled in February 2012, more than four months after Duqu was first flagged as a unique piece of malware “striking similarities” toStuxnet, the mysterious computer worm that targeted nuclear facilities in Iran.
Symantec identified the newly compiled Duqu driver as mcd9×86.sys and said it contains no new functionality beyond spying and collecting data from infected machines.
Duqu is a highly specialized Trojan capable of gathering intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party.................
Kaspersky Lab’s Costin Raiu says the latest variant has been engineered to escape detection by the open-source Duqu detector toolkit released by CrySyS Lab..........
Click here to read more ......
Solutions : www.xcyss.in
No comments:
Post a Comment