

Kaspersky Lab argues same team built Stuxnet and Duqu

03 Jan 2012

Kaspersky Lab researchers have concluded that the Duqu malware discovered in the latter half of 2011 was indeed created by the same team that built the infamous Stuxnet worm, largely thought to have been aimed specifically at disrupting Iran's nuclear program.

In a recent blog post, the firm's chief security expert Alexander Gostev argued that the same platform, dubbed "Tilded", was used by the team to create the two Trojans and other malware besides.

Key to the researchers' conclusions was an in-depth analysis of the drivers used for infecting systems with Stuxnet and Duqu.

In all, they found seven types of drivers with similar characteristics, but argued that for three of these there is no information on what malicious programs they were designed to be used with.

"The methods of dissemination of Stuxnet would have brought about a large number of infections with these drivers; and they can't be attributed either to the more targeted Duqu Trojan due to the compilation date," said Gostev.

"We consider that these drivers were used either in an earlier version of Duqu, or for infection with completely different malicious programs, which moreover have the same platform and, it is likely, a single creator-team."

The creators of Stuxnet and Duqu create a new version of the driver several times a year, changing parameters such as the registry key, according to Kaspersky Lab.

The conclusions reached by Kaspersky Lab are at odds with some others in the security space, notably BitDefender, which argued that the aims of the two Trojans were too conflicting for them to have been built by the same team.

Phil Muncaster
About

Phil Muncaster is news editor at V3.co.uk, a role he has fulfilled since January 2010. Previously he was chief reporter for IT Week, having also worked as a reporter and senior reporter on the publication from 2005.

Before IT Week, Phil worked as a researcher for the Rough Guide. Prior to his work in journalism, Phil spent three years teaching English in Japan.

 

 
