
Showing posts from June, 2015

Next gen Stuxnet - Duqu 2.0?

Last week's discovery of the new and revised Duqu stirred interest in the similarities between this new malware and Stuxnet. A bit of history about both Duqu and Stuxnet:

Stuxnet

Stuxnet made its name by attacking the Iranian nuclear facilities in 2012. This worm was designed to attack the industrial programmable logic controllers (PLCs) in a nuclear system. It turns out it worked great, and put several Iranian centrifuges out of commission. Shortly after, the underlying vulnerabilities (MS15-020) that Stuxnet exploited were discovered and used en masse by the underground community. However, the actual code behind Stuxnet remained a mystery.

Duqu

Duqu has been making its rounds for a while, primarily used to collect keystrokes and for general data exfiltration from systems. This Trojan made its fame with the kernel exploit in MS11-087, and has been used by the bad guys to spy on users and even remotely format hard drives.

Duqu 2.0

Now...