Stuxnet, Duqu Date Back To 2007, Researcher Says

Two pieces of malware likely were developed by the same team on the same platform along with similar variants, according to Kaspersky Lab.

(click image for larger view)
Slideshow: 10 Massive Security Breaches
The origins of the dangerous Stuxnet computer virus that targeted Irans nuclear power program last year could date back as far as 2007, according to new research.
Stuxnet and the related Duqu virus discovered earlier this year share a similar architecture and may have been developed by the same team of developers--along with other pieces of malware--several years ago, according to a security researcher at Kapersky Lab.
Researchers have dubbed the platform Tilded because its authors tend to use file names which start with ~d, said Alexander Gostav, head of Kaperskys Global Research and Analysis Team, in a
blog post
.
[ Improve your security. Learn about the
6 Worst Data Breaches Of 2011
. ]
There were a number of projects involving programs based on the Tilded platform throughout the period 2007-2011, Gostav said. Stuxnet and Duqu are two of them--there could have been others, which for now remain unknown.
Researchers discovered the connections between the pieces of malware and their origins by examining their drivers, he said.
Gostav warned that the Tilded platform is continuing to develop and more modifications of the viruses are likely to be a threat in the future.
Stuxnet was first discovered in June 2010 when it attacked software and equipment used by various organizations facilitating and overseeing Irans nuclear program.
The virus was especially worrisome for researchers because of its unprecedented complexity; it contains more than 4,000 functions, which is comparable to the code in some commercial software.
Researchers at the Budapest University of Technology and Economics
CrySyS lab
discovered
Duqu
this past September, saying the malware appears to have been designed to steal industrial control design documents.
After
examining Duqu
, researchers at Symantec said it was nearly identical to Stuxnet. Both viruses attack Microsoft Windows systems using a zero-day vulnerability, which tries to exploit application vulnerabilities that havent been discovered yet.
Superworms like Stuxnet and Duqu--which seem to have been created to target the critical infrastructure and control systems of particular countries--are of great concern for
federal cybersecurity officials
who are working to prevent such dangerous threats to the U.S. power grid and other essential facilities.
Role-based access control based on least user privilege is one of the most effective ways to prevent the compromise of corporate data. Our new report explains why proper provisioning is a growing challenge, due to the proliferation of big data, NoSQL databases, and cloud-based data storage.
Download the report now
. (Free registration required.)

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Stuxnet, Duqu Date Back To 2007, Researcher Says