Difference between revisions of "The mystery of Duqu: part ten"

From Botnets.fr
m (1 revision imported)
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
{{Publication
{{Publication
|Image=
|Botnet=Duqu,
|Legend=
|Malware=Duqu (bot),
|CCProtocol=,
|Operation=,
|Year=2012
|Date=2012-03-27
|Editor=Kaspersky lab
|Link=http://www.securelist.com/en/blog/208193425/The_mystery_of_Duqu_Part_Ten
|Author=Alexander Gostev,
|Type=Blogpost
|Abstract=At the end of the last year the authors of Duqu and Stuxnet tried to eliminate all traces of their activity. They wiped all servers that they used since 2009 or even earlier. The cleanup happened on October 20.
 
There were virtually no traces of Duqu since then. But several days ago our colleagues in Symantec announced that they found a new "in-the-wild" driver that is very similar to known Duqu drivers. Previous modifications of Duqu drivers were compiled on Nov 3 2010 and Oct 17 2011, and the new driver was compiled on Feb 23 2012.
|Document=
|Document=
|Licence=
|Licence=
|Video=
|Video=
|Link=http://www.securelist.com/en/blog/208193425/The_mystery_of_Duqu_Part_Ten www.securelist.com
|Author=Alexander Gostev,
|NomRevue=Securelist
|NomRevue=Securelist
|Date=27 mars 2012
|Editor=Kaspersky lab
|Year=2012
|ISBN=
|ISBN=
|Page=
|Page=
|Abstract=At the end of the last year the authors of Duqu and Stuxnet tried to eliminate all traces of their activity. They wiped all servers that they used since 2009 or even earlier. The cleanup happened on October 20.
|Keyword=,
 
There were virtually no traces of Duqu since then. But several days ago our colleagues in Symantec announced that they found a new "in-the-wild" driver that is very similar to known Duqu drivers. Previous modifications of Duqu drivers were compiled on Nov 3 2010 and Oct 17 2011, and the new driver was compiled on Feb 23 2012.
|Botnet=Duqu,
|Malware=Duqu (bot),
|CCProtocol=,
|Operation=,
|Keyword=,  
}}
}}

Latest revision as of 05:40, 12 August 2015

The mystery of Duqu: part ten
Botnet Duqu
Malware Duqu (bot)
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2012 / 2012-03-27
Editor/Conference Kaspersky lab
Link http://www.securelist.com/en/blog/208193425/The_mystery_of_Duqu_Part_Ten (Archive copy)
Author Alexander Gostev
Type Blogpost

Abstract

At the end of the last year the authors of Duqu and Stuxnet tried to eliminate all traces of their activity. They wiped all servers that they used since 2009 or even earlier. The cleanup happened on October 20.

There were virtually no traces of Duqu since then. But several days ago our colleagues in Symantec announced that they found a new "in-the-wild" driver that is very similar to known Duqu drivers. Previous modifications of Duqu drivers were compiled on Nov 3 2010 and Oct 17 2011, and the new driver was compiled on Feb 23 2012.

Bibtex

 @misc{2012BFR970,
   editor = {Kaspersky lab},
   author = {Alexander Gostev},
   title = {The mystery of Duqu: part ten},
   date = {27},
   month = Mar,
   year = {2012},
   howpublished = {\url{http://www.securelist.com/en/blog/208193425/The_mystery_of_Duqu_Part_Ten}},
 }