Slashdot Mirror


Experts 'Convinced' Duqu Work of Stuxnet Authors

Trailrunner7 writes "Researchers are fairly confident now that whoever wrote the Duqu malware was also involved in developing the Stuxnet worm. They're also confident that they have not yet identified all of the individual components of Duqu, meaning that there are potentially some other capabilities that haven't been documented yet. There was a lot of speculation when Duqu first emerged about whether the attack was the work of the same group--still unknown--that had created Stuxnet and unleashed it on Iran's nuclear facilities last year. Some of that was centered on supposed similarities in the code between the two pieces of malware, but that was before many of the individual components of Duqu had been identified and analyzed. Now that the analysis and research into the Duqu malware have advanced a bit, researchers say they've found more evidence that points to the malware being the work of the Stuxnet authors or their close associates. 'I'm convinced it's the same group,' Costin Raiu, director of global research and analysis at Kaspersky Lab, who has done much of the analysis of Duqu, said."

7 of 85 comments

  1. What is this telling us? by plover · · Score: 4, Insightful

    So Duqu is estimated to have infected about 50 machines. It's a piece of scouting software that collects and maps information, but doesn't attack. It doesn't even phone home yet. It's obviously not news because of its impact to the broad population of computers on the Internet.

    So what exactly is this story telling us? Panic now, because the Stuxnet authors are still on the loose and writing malware? Don't panic at all, because Duqu is obviously targeting an Enemy of the State (like Iran) and not generic PCs? Buy Symantec or Kaspersky antivirus software because their detection has gotten better since Stuxnet?

    --
    John
  2. Re:I would go further by Unordained · · Score: 2, Insightful

    [evidence needed]
    [citation needed]
    [explicitly stated allegations needed]
    [ad hominem needs review]

  3. Re:I would go further by Anonymous Coward · · Score: 2, Insightful

    Who is funding Kaspersky labs?

    My best guess is AV software sales.

  4. Re:Should the researchers keep quiet? by Anonymous Coward · · Score: 5, Insightful

    No.

    Malware researchers should investigate malware, regardless of its pedigree. The malware doesn't discriminate as to the computer. Duqu and Stuxnet will infect a Windows system regardless of its location and use. That was part of the idea behind Stuxnet: wide initial deployment so that it would eventually find its way into the Iranian centrifuge system. The authors don't seem to care if they infect non-affiliated systems along the way.

    There is also no reason why the exploits being used in Duqu and Stuxnet, presumably by western governments, can't be rebranded by our more run of the mill botnet farmers and spammers.

  5. Re:The group isn't unknown at all. by Anonymous Coward · · Score: 2, Insightful

    Well, if some random guy took the credit it must be true. No one lies about their accomplishments.

  6. Re:Should the researchers keep quiet? by Anonymous Coward · · Score: 3, Insightful

    But who else would Iran use their nuclear weapons on?

    Probably the same people who don't want Iran to be a nuclear country as much as Israel; namely the rest of the Middle East.

    I guess it's a poor Western mentality that makes illogical group-think become accepted in that all Arab countries stick together. Nothing could be farther from the truth. Just about EVERY ME country does NOT want Iran to get nukes and have been actively encouraging every country (including the US) to militarily intercede into Iran.

    Bluntly, most of the people who accuse Israel and the US of engineering these things do so by proudly proclaiming their ignorance of how the world works. The fact is, only crazy nutjobs want Iran to get nukes which means almost the entire world is more than happy to actively work against Iran's nuclear ambitions. And only Israel has interests equal to or slightly greater than all of the other ME countries in the region.

  7. Re:Should the researchers keep quiet? by ColdWetDog · · Score: 3, Insightful

    Ummm... Israel is the only nation in the region attacking its neighbors. Get past the propaganda, and it is pretty apparent who the real terrorists are.

    Right. The missiles shot from Gaza into Israeli territory were launched by whom? The Mossad? Not that I condone a lot of what the Israeli government is doing these days, but even for an AC, you seem remarkably dense.

    --
    Faster! Faster! Faster would be better!