Not Again! Duqu Hits Iran

Pity poor Iran. They can’t catch a break. After cleaning up the mess Stuxnet wreaked on their nuclear ambitions, the Middle Eastern country admitted in November that a number of machines across multiple industries were infected with Duqu. While academic arguments raged over whether similarities in source code proved Duqu was the spawn of Stuxnet, researchers digging around under the worm’s hood discovered some interesting and unique characteristics. Where Stuxnet was designed to damage SCADA-driven industrial machines, Duqu seems more intent on monitoring user activity and stealing data. And Duqu is delivered via an infected Microsoft Word file attached to a highly customized and targeted phishing email. As the year winds down, Iranian officials say they’ve distributed software to rid computers of the Duqu menace. But it’s likely the entire impact of Duqu infections remains unknown and will only fully reveal itself later in 2012.

Such is the way a new list begins. Happy New Year!
