Home New Stuxnet Variants Are Found in Europe

New Stuxnet Variants Are Found in Europe

The same Symantec team that cracked Stuxnet has found new variations on the same theme in packet captures from European networks. They published a blog entry and a full report that analyzes what the impacts of the virus would be, since the exploit isn’t quite a finished product yet, and not all pieces of the exploit have been recovered. It is well worth careful reading.

The team calls what they found Duqu, and it is quite a vile and complex piece of work, as you can see from just one of its components diagrammed by Symantec. They state that its creators must have had access to the Stuxnet source code, not just the binary files. They theorize that its purpose is to find weaknesses in particular industrial process control equipment, although they have not found any specific code to tie it to a particular piece of hardware. The reason they propose this is because the code has been found in organizations that have been involved in the manufacture of industrial control systems. “The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility,” say the report.

Included in the exploit are the following items:

  • Keystroke recorder to pick off any passwords,
  • remote access Trojan to gain control over any PCs that could be connected to the control equipment,
  • Misleading digital signatures: The exploit contains a valid digital signature on one of the driver files, once again calling the need for better signature notaries.

Reading the report is interesting and scary at the same time. Clearly, the team who gained expertise with the creation of Stuxnet continues to learn how to make it better. This, coupled with an upcoming survey that shows that most US small business owners don’t have any Internet security policies or procedures, should give you all some food for thought. That circle of trust seems a bit smaller now.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.