About two weeks ago, Symantec disclosed the malicious Duqu software, which appeared similar to Stuxnet, the malware likely to have wreaked havoc on the Iran nuclear plan. Several governments and investigators the world over are now striving to destroy the Duqu malware. In India, authorities have seized equipment from a Mumbai data center, and security professionals warn that it is the next gigantic threat, reports IBNLive.
Duqu linked to server in Mumbai (Image Credit: IBN Live)
Last week, officials from the Indian Department of Information Technology took charge of components and hard drives from a server that, according to Symantec Corp, was affected by the Duqu malware, two Web Werks workers told Reuters. However, the workers said they had no information on how the malware got onto the server at Web Werks.
Web Werks is a private firm in Mumbai with about 200 employees, and its equipment may hold critical data that could aid and accelerate the investigation into who created Duqu. But putting the pieces together is a long and difficult process, experts said. “This one is challenging,” said Marty Edwards, director of the US Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team. “It's a very complex piece of software.”
According to Ars Technica, Symantec says that Duqu and Stuxnet could be related and enabled by the same code. However, Dell says that the two are not necessarily related and that Duqu could be a new, serious piece of malware altogether.
Duqu gets its name from the prefix ‘DQ’ that it creates to steal valuable information. According to renowned security companies such as SecureWorks, McAfee, Kaspersky Lab and Symantec, victims of this malware have been found in Europe, Iran, Sudan and the United States. Though the hackers behind it are as yet unknown, they are apparently backed by a government.