Duqu FAQ

From Botnets.fr
Jump to navigation Jump to search

(Publication) Google search: [1]

Duqu FAQ
Botnet Duqu, Stuxnet
Malware Duqu (bot)
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2011 / 19 octobre 2011
Editor/Conference Kaspersky lab
Link http://www.securelist.com/en/blog/208193178/Duqu FAQ (Archive copy)
Author Ryan Naraine
Type

Abstract

This is an active investigation by Kaspersky Lab's Global Research & Analysis Team. We will be updating this FAQ document as necessary.

What exactly is Duqu? How is it related to Stuxnet?

Duqu is a sophisticated Trojan which seems to have been written by the same people who created the infamous Stuxnet worm. Its main purpose is to act as a backdoor into the system and facilitate the theft of private information. This is the main difference when compared to Stuxnet, which was created to conduct industrial sabotage. It's also important to point out that while Stuxnet is able to replicate from one computer to another using various mechanisms, Duqu is a Trojan that doesn't seem to replicate on its own.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2011BFR929,
   editor = {Kaspersky lab},
   author = {Ryan Naraine},
   title = {Duqu FAQ},
   date = {Error: Invalid time.},
   month = Error: Invalid time.,
   year = {2011},
   howpublished = {\url{http://www.securelist.com/en/blog/208193178/Duqu_FAQ}},
 }