Son of Stuxnet- Duqu: Part 1

Stuxnet's Son Duqu

The ultimate mystery among computer malware mysteries has taken its expected turn, according to an article on WSJ.com. The malware has been dubbed “Duqu” because it creates files with the prefix “~DQ”. Duqu is an offshoot of Stuxnet, which has proved to be one of the most potentially deadly computer viruses: it attacked centrifuges in Iran in a way that could have sent nuclear energy outbound as the centrifuges spun out of control, until the scientist in the plant discovered something amiss and shut down the centrifuges before an accident occurred.

Stuxnet was dissected and found to be exclusively associated with hardware controllers manufactured by Siemens, a German high-tech manufacturer of sophisticated hardware. Similarly, Duqu seems to be associated with specific hardware that is so far exclusively related to manufacturing, infecting drivers associated with manufacturing hardware. According to MSN, the Duqu code is closely associated with Stuxnet and is directed toward industrial command and control centers.

Symantec reports: “Duqu’s purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party.” This amazing discovery is enough to send every manufacturer selling hardware with controllers scrambling back to the table to secure their hardware from third-party infiltration, regardless of the cost or time.

Experts agree that Duqu is almost identical to Stuxnet and may have been written by the same authors or by someone with access to the original Stuxnet code. PC Virus Doctors’ Computer Repair Dallas has experienced some hardware failures that raise the suspicion that malware negatively affected hardware drivers, either intentionally or innocently, and effectively disabled hardware such as drives or their drivers, or that the BIOS has been tampered with through direct or indirect attempts to destroy or change the BIOS code.

However, amid the great concern, Symantec does report that “Duqu does not contain any code related to industrial control systems and is primarily a remote access Trojan (RAT)” and that, unlike viruses, it does not replicate itself.

***“Son of Stuxnet- Duqu Part 2” will follow with more interesting facts about the upcoming mysterious and intriguing malware that takes on brand new dimensions.

 
