Slashdot Mirror

← Back to Stories (view on slashdot.org)

Authorities Seize Duqu's C&C Servers In Mumbai

Posted by samzenpus on from the following-the-trail dept.

wiredmikey writes "In Mumbai, Indian authorities seized components from servers in a data center after Symantec informed them that they were communicating with the command and control infrastructure used by Duqu, the Trojan that is touted as the precursor to the next Stuxnet. According to a report from Reuters, officials the Department of Information Technology in India seized hard drives and other components from a server hosted in a Mumbai data center. Security vendors and government labs are worried that malware such as Duqu and Stuxnet are the building blocks needed in order for attackers to target critical infrastructure. Based on the initial analysis of Duqu, many researchers warned that it was the second generation development of Stuxnet, but this is still the subject of much debate, with some experts now saying that the connection between the two malicious programs is questionable."

53 comments

  1. ten to one it was the pakis by Chrisq · · Score: -1, Troll

    They're always trying to undermine India

    1. Re:ten to one it was the pakis by Anonymous Coward · · Score: -1

      Fuckin' racist knuckle-dragger. Please stop fucking your mom, she's getting tired of it.

    2. Re:ten to one it was the pakis by Chrisq · · Score: 0

      Fuckin' racist knuckle-dragger. Please stop fucking your mom, she's getting tired of it.

      Racist? perhaps you'd like to explain the difference in race between Indians and Pakis to me, or are you to busy fucking your mom?

    3. Re:ten to one it was the pakis by Anonymous Coward · · Score: -1

      I'm not fucking my mom, I'm fucking your mom. That's how I know she's sick of your syphilitic sore covered dick. Which is why I only fuck her in the ass with 5 rubbers on. And stop pretending you don't know the term you used is racist, you dumb fuck.

    4. Re:ten to one it was the pakis by Chrisq · · Score: 1

      I'm not fucking my mom, I'm fucking your mom. That's how I know she's sick of your syphilitic sore covered dick. Which is why I only fuck her in the ass with 5 rubbers on. And stop pretending you don't know the term you used is racist, you dumb fuck.

      I thought you'd not be able to answer the question. I'm not surprised you're fucking my mom, she's been dead for ten years.

    5. Re:ten to one it was the pakis by RogueyWon · · Score: 2

      The term you used is considered (extremely strong) racial abuse in the UK and some other parts of Europe - basically equal in strength to a certain word beginning with "n". I believe it lacks that association in the US and is used as a simple abbreviation - but given this is a site with an international readership, it's best avoided. It will get a powerful reaction, as you've seen.

      Linguistic minefields like this exist in both directions - some terms considered mild in the UK would be fighting talk in the US and vice-versa.

    6. Re:ten to one it was the pakis by Anonymous Coward · · Score: 0

      Linguistic minefields like this exist in both directions - some terms considered mild in the UK would be fighting talk in the US and vice-versa.

      Blimey!

    7. Re:ten to one it was the pakis by Anonymous Coward · · Score: 0

      People I went to middle school with... is that you?

    8. Re:ten to one it was the pakis by BangaIorean · · Score: 0

      Don't worry about the Paki who is posting abuse here. You carry on commenting. Just because those pathetic creatures find some word offensive, doesn't mean the rest of the world has to pander to their insecurities and whines. Hell, these Pakis go around literally looking for ways to get offended.

    9. Re:ten to one it was the pakis by ravenshrike · · Score: 1

      Now now, everyone knows brothers shouldn't fight. Especially when it comes to fucking their mother in public restrooms.

  2. Yet another win for the GDI over NOD and Kane by kannibal_klown · · Score: 1

    Honestly, unless I see it spelled out in the title or whatever... whenever I see "C&C" I simply think of the ol' Command & Conquer game.

    1. Re:Yet another win for the GDI over NOD and Kane by Yvan256 · · Score: 1

      I'd bet that at least 25 to 50% of slashdot readers think the same way.

    2. Re:Yet another win for the GDI over NOD and Kane by bmo · · Score: 1

      As an old usenetter, whenever I see C&C, I think of "coffee and cats warning" as in "put down the coffee and push the cat off your lap before you read this."

      Authorities Seize Duqu's Coffee and Cats Servers In Mumbai

      --
      BMO

    3. Re:Yet another win for the GDI over NOD and Kane by RogueyWon · · Score: 1

      Surely you should know better with this headline. I don't think C&C ever had dedicated server support.

      Unless you mean the tottering DRM-"disguising" atrocity that was the back-end for C&C4. But you can't have meant that. Because C&C4 didn't exist and wasn't the last nail in the coffin of a once proud series. And if anybody says otherwise I'm going to stick my fingers in my ears and go "NANANANANANANANANA" until they go away.

      But yes, after too many hours of my student years wasted to playing that game over the college network, it is now the only thing the acronym "C&C" could ever mean to me.

    4. Re:Yet another win for the GDI over NOD and Kane by FoolishOwl · · Score: 1

      Partly it's the subject: it sounds just like a Command & Conquer scenario. I can just see the commando shooting the exploding barrels to take out a tank, so the engineer can reach the data center.

      Speaking of which, do you ever find yourself getting out of bed in the morning and saying, "I've got the codes"?

    5. Re:Yet another win for the GDI over NOD and Kane by kelemvor4 · · Score: 1

      Honestly, unless I see it spelled out in the title or whatever... whenever I see "C&C" I simply think of the ol' Command & Conquer game.

      I always think of the old school hippity hoppity band "C&C Music Factory".

    6. Re:Yet another win for the GDI over NOD and Kane by Suicidal+Teapot · · Score: 1

      I guess it shows my age, I thought it was Crossbows & Catapults :(

    7. Re:Yet another win for the GDI over NOD and Kane by Anonymous Coward · · Score: 0

      ever find yourself getting out of bed in the morning and saying, "I've got the codes"?

      I prefer "No fear, Tanya's here!" personally.

    8. Re:Yet another win for the GDI over NOD and Kane by MacGyver2210 · · Score: 1

      Totally dude. The server was sharing ten year old pirated software, so they seized it...

      --
      If the only way you can accept an assertion is by faith, then you are conceding that it can't be taken on its own merits
    9. Re:Yet another win for the GDI over NOD and Kane by powerchord84 · · Score: 1

      Oh, man, I was thinking the same thing...time to go home and dust off Red Alert!

    10. Re:Yet another win for the GDI over NOD and Kane by TheRaven64 · · Score: 1

      Pirated? EA made C&C a free download a few years ago for the twelfth anniversary.

      --
      I am TheRaven on Soylent News
    11. Re:Yet another win for the GDI over NOD and Kane by Anonymous Coward · · Score: 0

      as a gamer I see C&C as "Command and Conquer"

    12. Re:Yet another win for the GDI over NOD and Kane by flimflammer · · Score: 1

      There was never a C&C4. Ever.

      Ever.

    13. Re:Yet another win for the GDI over NOD and Kane by qubezz · · Score: 1

      Exactly, I was like, "wait, there's no server, it runs IPX over the LAN...." The good ol days, where C&C came with two game discs, so you can give the second to a buddy without needing to buy a second copy, and play LAN without constant permission needed to play the game you bought from game manufacturer's "command and control" DRM servers (tell me India couldn't shut down BF3 through a grand firewall because of DRM.)

    14. Re:Yet another win for the GDI over NOD and Kane by tqk · · Score: 1

      As an old usenetter, whenever I see C&C, I think of "coffee and cats warning" as in "put down the coffee and push the cat off your lap before you read this."

      I'm an old Usenetter, and I've never seen that one. Thanks. The equivalent I saw was C|N>K ("Coke piped through nose to keyboard", or something. :-)

      --
      "Tongue tied and twisted, just an Earth bound misfit ..." -- Pink Floyd.
  3. Figures. by WindBourne · · Score: 3, Insightful

    So they grabbed the drive/system, rather than watching and find out who is controlling it and then grab them. And ppl wonder why there are so many crackers out there.

    --
    I prefer the "u" in honour as it seems to be missing these days.
    1. Re:Figures. by marcello_dl · · Score: 1

      I concur, this way they may make headlines immediately instead of patiently waiting and maybe triggering some alarm that the blackhat admins have set up, sure, but it's a poor replacement for getting the responsible people which will just rebuild something more carefully. Back to square one.

      Heck, it could be seen as a form of cover up, or a way to keep oneself in business by throwing the fish back in the river.

      --
      ---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
    2. Re:Figures. by Lumpy · · Score: 1, Funny

      "And ppl wonder why there are so many crackers out there."

      Mostly because the keep having children...

      Oh wait, are we talking about the same thing?

      --
      Do not look at laser with remaining good eye.
    3. Re:Figures. by Anonymous Coward · · Score: 0

      It's extremely unlikely that any person associated with the C&C code, or any person who installed it, or any person who used it - has ever been in the same country as those physical servers. (I work for a security co)

    4. Re:Figures. by El+Torico · · Score: 1

      And ppl wonder why there are so many crackers out there.

      Hey, didn't you see RogueyWon's post about name calling?

      --
      In the land of the blind, the one-eyed man is usually crucified.
    5. Re:Figures. by Anonymous Coward · · Score: 0

      On a more serious note, no, it is not the same thing. Anyone can buy server space anywhere. There is no citizenship requirement. Ever heard about this new cool Cloud thingy kids are talking about these days?

    6. Re:Figures. by Anonymous Coward · · Score: 0

      "What's the French word for 'stakeout,' huh?" ~Conklin, The Bourne Identity, 2002

  4. Servers? by Hatta · · Score: 3, Interesting

    I'm kind of surprised that cutting edge malware depends on a central server for command and control. What about P2P? Or steganographic embedding of commands in forum posts or images? It seems like a robust and deniable control system would be one of the first things you implement in malware like this.

    --
    Give me Classic Slashdot or give me death!
    1. Re:Servers? by Anonymous Coward · · Score: 0

      Embedding cmds in images has been done a long time already.

    2. Re:Servers? by jesseck · · Score: 2

      Maybe they do... and the C&C servers are just there for extra noise. The C&C may act functional, and send / receive commands which are received by targets, but those targets don't have to do anything with the commands. While Symantec and India proclaim "We've stopped Duku" the virus may still be hard at work, collecting information.

    3. Re:Servers? by Anonymous Coward · · Score: 0

      White hats have had Honeypots for years. Maybe botnets learned that trick too?

  5. SHHHHHHHHH by Moheeheeko · · Score: 1

    Don't give them ideas.

  6. Is this thing seriously not yet reverse engineered by ani23 · · Score: 1

    or is the government just letting it thrive. I cannot imagine that software could be so self aware that upon being aware of its presence competent people cannot figure out a way to stop it once and for all or at least secure vulnerable systems from it.

  7. I thank you 7or your time by Anonymous Coward · · Score: -1

    sh4re, th1s news

  8. If critical infrastructure wasn't online... by Viol8 · · Score: 4, Interesting

    ... this wouldn't be an issue. And make sure workers can't plug in USB sticks or DVD/CD-ROMS. Really , I do wonder whether people running IT in critical industries have all had a collective lobotomy.

    1. Re:If critical infrastructure wasn't online... by gl4ss · · Score: 1

      and what, run them only on custom microcontrollers and dos machines??

      oh wait that would be perfect.

      --
      world was created 5 seconds before this post as it is.
    2. Re:If critical infrastructure wasn't online... by Viol8 · · Score: 1

      Maybe, who knows, Depends on the task. But thats besides the point, which is that even an unpatched Win95 machine is safe if its totally locked down and there's no way for any software or data to be loaded onto it either via a network connection or via the machine itself.

    3. Re:If critical infrastructure wasn't online... by Anonymous Coward · · Score: 0

      He has a point. Does every system really have to be online? I've worked with classified networks and they aren't connected in any way to the rest of the world yet they somehow manage to function. Not as convenient, sure, but no one ever broke into them.

    4. Re:If critical infrastructure wasn't online... by chronoglass · · Score: 1

      I've often wondered why there isn't a proper setup here.
      I mean why are they connected?
      if not
      why can people access them directly?

      I mean.. you can whitelist traffic instead of blacklisting.. you KNOW what is supposed to happen between the "critical side" and it's controller machine.. block anything that doesn't fit that mold.. done

      as an override have a terminal that connects to the control box with a door that sets off every siren in the world when opened. basically saying, something went horribly wrong.

    5. Re:If critical infrastructure wasn't online... by Anonymous Coward · · Score: 0

      IT workers are not the problem here or there.
      This falls squarely under "stupid management tricks"
      Twenty-six years ago IS/IT was taken over by business types.
      Technical Management soon became non-existant.
      With morons in charge stupidity is limitless.

  9. If Westwood didn't team up with EA by Anonymous Coward · · Score: 0

    Then proprietary Command and Conquer servers wouldn't have to be the only option for playing the game.

  10. C & C by Anonymous Coward · · Score: 0

    Meh, I stopped playing Command & Conquer years ago.

  11. Looks like by Nanosphere · · Score: 1

    Duqu was cut off at the head.

    *sunglasses*
    YEEAHHH!!!

  12. Anyone else read this... by Anonymous Coward · · Score: 0

    ...as Command and Conquer servers? I was about to throw a fit, wondering why some online gaming group's game servers were nabbed!

  13. Correct by WindBourne · · Score: 2

    All the more reason to not announce it and follow it back to where it came from. There is an international community on this. We need to trace this ALL the way back.

    --
    I prefer the "u" in honour as it seems to be missing these days.
  14. See what I did here? by Anonymous Coward · · Score: 0

    1) Its called encryption

    2) Its called a subject line, not the 1st half of your sentence.

  15. Someone please explain the abbreviation issue? by Anonymous Coward · · Score: -1

    Seriously? Why is it an insult to abbreviate a nationality name? Why is Japanese OK, but yet not Jap? Same with Paki? Seriously we don't get offended when were are called Yanks. Maybe we should? Why is only part of the nationality offensive? It really defies common sense logic.

    Then again, if it defies logic, maybe we aren't dealing with logical people, perhaps?

    1. Re:Someone please explain the abbreviation issue? by RogueyWon · · Score: 1

      The weight attached to words depends heavily on history and context. In the UK, and a few other European nations with similar demographic histories, that word is one that has picked up a lot of baggage. It's associated with skinhead thugs smashing windows and other such unpleasantness.

      Just as the "n" word I mentioned has unsavoury connotations in the US, particularly in the southern States, so too this is a word you should never use in polite company. I admit it's a bit odd... nobody has ever found... say... "Afghan" to be an obscenity. But unfortunately, it's an abbreviation that's picked up a lot of unfortunate politics and history.

      "Jap" is probably offensive because, when it came into common usage during WW2, it was meant to be offensive (understandable in the context of the times). "Yank" can be offensive in some circumstances - when I hear it at a London dinner party, I often hear a deep anti-American undertone to it that genuinely nasty. But at the same time, many Americans have adopted the term themselves, which robs it of a lot of its power. We Brits have a similar relationship with the term "Limey". Australians and others use it as a term of abuse (though often in jest) - but for us, it's a nice reminder that we were smart enough to work out how to avoid scurvy at sea.

      As I say, history and context are everything.