Stuxnet, Duqu Date Back To 2007, Researcher Says

  /     /     /  
Publicated : 22/11/2024   Category : security


Stuxnet, Duqu Date Back To 2007, Researcher Says


Two pieces of malware likely were developed by the same team on the same platform along with similar variants, according to Kaspersky Lab.



(click image for larger view)
Slideshow: 10 Massive Security Breaches
The origins of the dangerous Stuxnet computer virus that targeted Irans nuclear power program last year could date back as far as 2007, according to new research.
Stuxnet and the related Duqu virus discovered earlier this year share a similar architecture and may have been developed by the same team of developers--along with other pieces of malware--several years ago, according to a security researcher at Kapersky Lab.
Researchers have dubbed the platform Tilded because its authors tend to use file names which start with ~d, said Alexander Gostav, head of Kaperskys Global Research and Analysis Team, in a
blog post
.
[ Improve your security. Learn about the
6 Worst Data Breaches Of 2011
. ]
There were a number of projects involving programs based on the Tilded platform throughout the period 2007-2011, Gostav said. Stuxnet and Duqu are two of them--there could have been others, which for now remain unknown.
Researchers discovered the connections between the pieces of malware and their origins by examining their drivers, he said.
Gostav warned that the Tilded platform is continuing to develop and more modifications of the viruses are likely to be a threat in the future.
Stuxnet was first discovered in June 2010 when it attacked software and equipment used by various organizations facilitating and overseeing Irans nuclear program.
The virus was especially worrisome for researchers because of its unprecedented complexity; it contains more than 4,000 functions, which is comparable to the code in some commercial software.
Researchers at the Budapest University of Technology and Economics
CrySyS lab
discovered
Duqu
this past September, saying the malware appears to have been designed to steal industrial control design documents.
After
examining Duqu
, researchers at Symantec said it was nearly identical to Stuxnet. Both viruses attack Microsoft Windows systems using a zero-day vulnerability, which tries to exploit application vulnerabilities that havent been discovered yet.
Superworms like Stuxnet and Duqu--which seem to have been created to target the critical infrastructure and control systems of particular countries--are of great concern for
federal cybersecurity officials
who are working to prevent such dangerous threats to the U.S. power grid and other essential facilities.
Role-based access control based on least user privilege is one of the most effective ways to prevent the compromise of corporate data. Our new report explains why proper provisioning is a growing challenge, due to the proliferation of big data, NoSQL databases, and cloud-based data storage.
Download the report now
. (Free registration required.)

Last News

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Stuxnet, Duqu Date Back To 2007, Researcher Says