Duqu, Stuxnet Built on Common Platform With Other Similar Super-Malware
Found on eWEEK on Saturday, 31 December 2011
Further analysis of the Duqu Trojan has revealed that the platform that was used to develop Stuxnet and Duqu may have been used to create similar Trojans, according to Kaspersky Lab.
Stuxnet took advantage of multiple zero-day vulnerabilities in Microsoft Windows, including an escalation-of-privilege flaw, and exploited Microsoft's AutoRun functionality to spread across computers via infected USB drives.
Duqu also took advantage of a zero-day vulnerability in the Microsoft Windows kernel.
Gostev said "with a fair degree of certainty" that the Tilded platform had been created around the end of 2007 or early 2008 and underwent significant changes in the summer and autumn of 2010.
It makes sense that, when you already have the level of knowledge to build one of those trojans, you also build others. Just like Microsoft releases various different software packages, a blackhat company can release different high-level trojans.