Disconcerting news is shocking the IT security industry. The virus protection giant Kaspersky has been compromised by a sophisticated cyber-threat.
A new, powerful strain of the notorious Duqu malware appeared in the wild after going dark in 2012. The so-called Duqu 2.0 was the malicious agent used against the security firm and many other targets worldwide.
Duqu 2.0 was described by security researchers as highly sophisticated malware that exploited a number of zero-day vulnerabilities, which are listed below:
The malware researchers at Kaspersky who first detected it revealed that its targets included IT security firms and entities linked to the negotiations about Iran’s nuclear deal. Duqu 2.0 targeted a number of Western organizations and entities operating in Asia and in the Middle East.
“Duqu 2.0, the cyberespionage tool that was used to compromise security firm Kaspersky Lab, has also been used in a number of other attack campaigns against a range of targets, including several telecoms firms. Analysis by Symantec concurs with Kaspersky’s assessment today that Duqu 2.0 (detected by Symantec as W32.Duqu.B) is an evolution of the older Duqu worm, which was used in a number of intelligence-gathering attacks against a range of industrial targets before it was exposed in 2011. Although their functionalities were different, the original Duqu worm had many similarities with the Stuxnet worm used to sabotage the Iranian nuclear development program,” explained the malware researchers at Symantec who analyzed the malware.