Tuesday, 8 November 2011

Newly found Duqu Virus, linked to MS Word


The Duqu virus has been the talk of the town lately, and hackers are giving cybersecurity experts no rest. Recently, hackers made use of a security flaw in Microsoft's Windows operating system to infect computers with the Duqu virus. Microsoft has acknowledged the flaw and responded swiftly by releasing a temporary fix.

The hackers made use of a new zero-day flaw discovered in Windows operating systems, including Windows 7, Windows Vista and Windows XP. The virus, named 'Duqu', reached its victims via email with an attached Microsoft Word document, and can silently pass control of the user's computer to a remote hacker.

The troubling part is that attackers can exploit this vulnerability to run arbitrary code in kernel mode. This would then allow the attacker to install programs; view, change, or delete data; and even create new accounts with full user rights. The Duqu virus consists of a driver file, a dynamic-link library (DLL) containing many embedded files, and a configuration file. These are then installed by an installer built into the code.

The Duqu virus, which was discovered in October by Symantec, is thought to be the next big cyber security threat. They named the threat 'Duqu' because it creates files with the file name prefix '~DQ'. It shares some of its code with Stuxnet, a malicious worm which targeted Iran's nuclear program, but Duqu is specifically created for gathering intelligence data from agencies and corporations.

The first version of the Duqu virus was reported with a server in India, but a more recent version tried to log on to a server in Belgium, which has now been taken offline. It was found to possess a digital certificate from a company based in Taiwan's capital, Taipei, whose private keys for generating the certificate were stolen recently.

A word for users: be extra careful when you open Word documents, especially ones you get from unfamiliar email addresses. Also install Microsoft's temporary patch, available here

1 comments:

donnaj edwards said...

Thank you for posting such a great blog. I found your website perfect for my needs. Read About UCAT anz
