clock menu more-arrow no yes

Filed under:

'Duqu' computer trojan spy may be based on Stuxnet

If you buy something from a Verge link, Vox Media may earn a commission. See our ethics statement.

Duqu Trojan Virus
Duqu Trojan Virus

Security researchers seem to agree: a new computer virus, Duqu, appears to be closely related to the Stuxnet worm that allegedly infected industrial SCADA systems and ravaged Iran's nuclear program last year. This one's probably not going to make uranium centrifuges wobble, though, because it's apparently just a spy. Duqu reportedly gives its controller a backdoor into infected systems, allowing them to obtain sensitive data and remotely download other malicious applications (including an infostealer that hides data in images of galaxies colliding), then deletes itself 36 days later. Why all the hubbub about Stuxnet, then? Security firms believe that Duqu and Stuxnet are close enough that they may be based on the exact same source code, and since that code was never obtained in Stuxnet's heyday, the two viruses could have been crafted by the same organization. At any rate, there's probably no need to worry about widespread Duqu disaster quite yet; since its discovery in Hungary earlier this week, precious few infections have been detected. Read the latest Duqu research at our source links.