The Duqu malware, which has strong resemblance to the infamous Stuxnet trojan, is perhaps in a different guise used to the Iranian nuclear program to spy on. That claims at least security company Kaspersky Lab.
Kaspersky Lab is based on the Iranian guard dog irCert, which in april reported a new worm that they are Stars called. Stars would be attack using a kernel exploit to have focused on Iran’s Windows-based systems. In addition, reports irCert that in October and discovered Duqu virus uses the same exploit, an error in the processing of TrueType fonts by the Windows kernel. This would make the virus a variant of the Stars-malware. Kaspkersy Lab says that now to confirm. The Duqu malware is now also in the Netherlands and Belgium identified.
The security company also confirms that with Duqu-infected systems on april 21, have been attacked. In addition, report to the United Nations, according to Kaspersky Lab evidence that Iran computer models for the building of a nuclear weapon. Ten countries would have this information provided to the International atomic energy agency. It is not inconceivable that this information is partly obtained by means of the Stars and/or Duqu-malware. This week, the IAEA report about the Iranian nuclear program.
Microsoft now has a field dressing released for the security hole in Windows to fix it. Expected to take the company next Tuesday for a final patch in its monthly patchronde.