New Duqu virus linked to Microsoft Word Documents

November 4, 2011 by Bob Yirka, report

I new virus has cropped up in various countries across the world and its target appears to be corporate networks. The Duqu virus, first noted last month by a laboratory at Budapest University, has now been spotted in several other countries and appears to be sent via Microsoft Word documents attached as emails. Microsoft has announced that it is working on a fix.

The point of the seems to be to gather corporate information and then send it to some as yet unknown site. Thus, it’s a form of corporate espionage. Chillingly, researchers at Symantec, the giant antivirus company, say it looks like some of the code in the is the same as was found in the Stuxnet virus that wreaked havoc on Iran’s nuclear program, indicating that the perpetuators were either able to obtain the code from that virus, or, are the same people.

The virus is activated when a person to whom an infected Word document was sent, opens it. The virus infects that computer then seeks out other computers through the corporate network. As it goes, it collects data and then apparently, seeks a path out to the Internet where it can send the data it’s collected to a predefined destination. Thus far it has relied on a so-named zero day exploit to take advantage of a previously unknown weakness in the Windows kernel, which means getting in and doing its dirty work before victims have a chance to come up with a means of defense against it.

Thus far, it appears that the virus has been targeted at specific types of companies, as the data- collecting part of the virus seems to seek out information pertaining to industrial control-systems. So it’s likely that whoever unleashed the virus, did so in hopes of gaining information on how companies are designing and manufacturing their products; not something the average person would need to worry about, but still enough to cause concern about the growing sophistication of computer viruses.

So far, instances of the virus have been seen in Iran, India, France, Ukraine, the UK and at least eight other countries that have not been specifically identified.

Explore further: Symantec warns of new Stuxnet-like virus

Related Stories

Symantec warns of new Stuxnet-like virus

October 19, 2011

US security firm Symantec has warned of a new computer virus similar to the malicious Stuxnet worm believed to have preyed on Iran's nuclear program.

Stuxnet-like virus points to new round of cyber war

October 20, 2011

Internet security specialists have warned of a new round of cyber warfare in the form of a computer virus similar to the malicious Stuxnet worm believed to have targeted Iran's nuclear program.

Net braced for new Sober virus attack

January 5, 2006

Internet-security experts were predicting only minor impacts from an onslaught of the Sober virus scheduled to replicate itself Thursday or Friday.

Statistical physics shows new approach to fighting viruses

December 12, 2005

Computer viruses pose an ongoing threat and their neutralization calls for new strategies, researchers at Tel Aviv University say. Eran Shir and colleagues propose a solution that helps an 'antivirus' program reach an at-risk ...

Recommended for you

AI and 5G in focus at top mobile fair

February 24, 2018

Phone makers will seek to entice new buyers with better cameras and bigger screens at the world's biggest mobile fair starting Monday in Spain after a year of flat smartphone sales.

Google Assistant adds more languages in global push

February 23, 2018

Google said Friday its digital assistant software would be available in more than 30 languages by the end of the years as it steps up its artificial intelligence efforts against Amazon and others.


Adjust slider to filter visible comments by rank

Display comments: newest first

not rated yet Nov 04, 2011
another tragedy..
5 / 5 (2) Nov 04, 2011
The next war will be fought on the internet, not on the ground. When they said information was king, and equally valuable as money they were right.

Stuxnet was only the beginning of our "Brave new World".


not rated yet Nov 04, 2011
Imagine how cool software and the internet could be if it wasn't for the a&& holes.
5 / 5 (2) Nov 04, 2011
Imagine how cool software and the internet could be if it wasn't for the a&& holes.

We actually depend on someone challenging the software.
Just like our body needs to exercise the immune system.
Otherwise we would be wide open for attacs.
not rated yet Nov 04, 2011
Yep, security by obscurity only worked in the 70's.
5 / 5 (3) Nov 04, 2011
The real tragedy is how a professional writer inserts commas arbitrarily in the middle of sentences...
2 / 5 (4) Nov 05, 2011
Israel with the probable assistance of the U.S. was the origin of Stuxnet which targeted the Iranian Nuclear enrichment program.

Either Israel or the U.S. are now complicit in this corporate espionage attack on their allies in Europe and elsewhere, or as I said at the time of the Stuxnet attack, the Stuxnet software would be reverse engineered and used against western interests.

In any case, Israel with the probable assistance of the U.S. are ultimately responsible for this latest virus as they wrote much of the code for the existing infection.

Remember. Vendicar is almost always right, and Israel is the
enemy of all moral, thinking people.
1 / 5 (1) Nov 05, 2011
'Duqu' in 'Count DooKoo' the 'Sith' (reverse last two letters and wadda u get) Lord from Star Wars?? Maybe 'da Farce'////awww da 'Force' can defeat it. Where is Luke Swampwater when ya needs him.
1 / 5 (2) Nov 05, 2011
Luke died from Antarian Anal Ringworrm back in the Duvonian period.

Components of his light saber on on display at the Harkonen public trust building 128 Bertan street on the planet of Guidi prime.

Admission 1428*10**-23 Ningies

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.