Duqu

For the version of malware announced in 2015, see Duqu 2.0.

Duqu is a collection of computer malware discovered on 1 September 2011, thought by Kaspersky Labs to be related to the Stuxnet worm[1] and to have been created by Unit 8200.[2][3] Duqu has exploited Microsoft Windows's zero-day vulnerability. The Laboratory of Cryptography and System Security (CrySyS Lab)[4] of the Budapest University of Technology and Economics in Hungary discovered the threat, analysed the malware, and wrote a 60-page report[5] naming the threat Duqu.[6] Duqu got its name from the prefix "~DQ" it gives to the names of files it creates.[7]

  1. ^ How Israel Caught Russian Hackers Scouring the World for U.S. Secrets, New York Times
  2. ^ NSA, Unit 8200, and Malware Proliferation Archived 25 October 2017 at the Wayback Machine Jeffrey Carr, Principal consultant at 20KLeague.com; Founder of Suits and Spooks; Author of “Inside Cyber Warfare (O’Reilly Media, 2009, 2011), medium.com, Aug 25, 2016
  3. ^ Cornish, Paul (4 November 2021). The Oxford Handbook of Cyber Security. Oxford University Press. ISBN 978-0-19-252101-9. Foreign sources routinely assert that Unit 8200 contribured to Stuxnet, Flame, Duqu and other sophisticated cyber campaigns.
  4. ^ "Laboratory of Cryptography and System Security (CrySyS)". Retrieved 4 November 2011.
  5. ^ "Duqu: A Stuxnet-like malware found in the wild, technical report" (PDF). Laboratory of Cryptography of Systems Security (CrySyS). 14 October 2011.
  6. ^ "Statement on Duqu's initial analysis". Laboratory of Cryptography of Systems Security (CrySyS). 21 October 2011. Archived from the original on 4 October 2012. Retrieved 25 October 2011.
  7. ^ "W32.Duqu – The precursor to the next Stuxnet (Version 1.4)" (PDF). Symantec. 23 November 2011. Archived from the original (PDF) on 13 December 2011. Retrieved 30 December 2011.