
Iran battling Duqu malware, official admits

The next Stuxnet or just more malware?


The Duqu malware, linked by some experts to last year’s notorious Stuxnet attacks, has struck Iran, an official in the country has told local news sources.

The scale of the attack is unclear, but it looks to be much smaller than that of Stuxnet in 2010, which many experts have convinced themselves was part of a concerted targeted attack on Iran’s nuclear programme.

"We are in the initial phase of fighting the Duqu virus," Brigadier General Gholamreza Jalali told an Iranian news agency. "The final report which says which organisations the virus has spread to and what its impacts are has not been completed yet."

"All the organisations and centres that could be susceptible to being contaminated are being controlled," he said. Iran was countering Duqu using unspecified home-grown security software, Jalali added, without blaming any outside agency for the attack.

"The elimination was carried out and the organisations penetrated by the virus are under control. The cyber-defence unit works day and night to combat cyberattacks."

The provenance of Stuxnet, and now Duqu, is still mysterious. Both are sophisticated, highly targeted in what are relatively esoteric layers of software, and yet security vendors have found it difficult to agree on their real significance. Russia - an ally of Iran - has allowed its officials to pin the blame for Stuxnet on Israel and the US.

The company leading the charge on making connections between Stuxnet and Duqu has been Symantec, which characterised the latter as a more general information-stealing Trojan. Dell SecureWorks, by contrast, was less convinced that the two were the work of the same attackers. Several countries are known to have been affected by Duqu.

If Stuxnet was hugely suspicious, Duqu is simply odd. Featuring programming elements that appear to be as much as four years old, a key element of its success was its ability to exploit an unusual zero-day Windows kernel vulnerability connected to opening Microsoft Word documents.

Kernel flaws in Windows are a rare occurrence these days, mainly because criminals have moved to hunting for holes in browsers that are easier to find and exploit.

Regardless, Stuxnet and perhaps now also Duqu have been awarded the status of being the first significant examples of ‘political malware’, that is, software believed to have been designed to attack the infrastructure of only one country and its allies.


