On October,The W32.Duqu malware is detected by Symantec and CrySys Lab discovered the binaries of this malware. Later they found the installer of this virus. This malware exploits the zero-day vulnerability in windows kernel. First they think that it might be another version of the most notorious malware "Stuxnet". After the investigation, they found that the same virus attacked the iran at the starting of this year with the name "Stars".
"We are in the initial phase of fighting the Duqu virus," Gholamreza Jalali, was quoted as saying. "The final report which says which organizations the virus has spread to and what its impacts are has not been completed yet.
"All the organizations and centers that could be susceptible to being contaminated are being controlled," he said.
Duqu under control:
Iran says they found the way to control the Duqu.“The software to control the (Duqu) virus has been developed and made available to organisations and corporations” in Iran, head of civil defence Brigadier General Gholamreza Jalali told the official IRNA news agency.
“The elimination (process) was carried out and the organisations penetrated by the virus are under control … The cyber defence unit works day and night to combat cyber attacks and spy (computer) virus,” he added.
Crysys Lab,NSS Lab developed Duqu Detection tools. Microsoft provide temporary fix for this 0-day vulnerability.
If you like to more about Duqu, Click here.
