Anyone else worried about the Duqu worm?

rcook12

I’ve seen tons of articles pop up in my news feeds today about the Duqu worm, and the latest news tells me that there is still no patch to close the vulnerability in Window.  My level of concern is growing. How much risk is there that this worm will cause widespread harm? Are businesses here in the U.S. of A. at risk?

Topic: Security
Answer this Question

Answers

2 total
jdixon
Vote Up (24)

 

From what I have read from Forbes, it seems that the Duqu worm is possibly the result of some government's intelligence agency at work, and seems to be used in targeted attacks.  Now that it is out there, who knows how far it will spread.    It seems that it uses a .doc file to install itself on your hard drive, so I certainly won't be opening any Word files that appear unexpectedly in my inbox.  Hopefully the patch that Microsoft is working on will be released shortly.  

 

Symantec published a white paper on Duqu that you might find interesting:  http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_duqu_the_precursor_to_the_next_stuxnet.pdf 

 

jimlynch
Vote Up (22)

No, not at all for my personal computing. I run Linux and Mac OS X. As far as I know neither of them is vulnerable to the Duqu worm at this point. It seems to be a Windows only virus.

That said, it certainly has the potential to cause significant problems so I hope the authorities can get a handle on it fast.

For those who aren't familiar with it, here's some background information:

http://www.dailytech.com/Nasty+Duqu+Worm+Exploits+Same+Microsoft+Office+...

"The "Duqu" worm is currently sweeping corporate networks worldwide, seeking to infect as many machines as possible in what appears to be an effort to target power plants, oil refineries and pipelines.

Microsoft Corp. (MSFT) revealed this week that Duqu uses similar code to the Stuxnet worm, which crippled Iranian nuclear power computer systems in 2010. Many have voiced suspicions that U.S. defense or intelligence agencies were behind Stuxnet, but it appears extreme unlikely that the U.S. government had anything to do with Duqu. In fact, Duqu appears to be targeting U.S. allies."

Ask a question

Join Now or Sign In to ask a question.
While conducting a penetration test of a major Canadian retailer, Rob VandenBrink bought something from the store. He later found his own credit card number buried in its systems, a major worry.
Attackers deploy Web-based reconnaissance tool to gather information about potential targets in different industries
Europol launched a cybercrime task force Monday to fight online crime in the EU and other countries.
A file-encrypting ransomware program called CryptoWall infected over 600,000 computer systems in the past six months and held 5 billion files hostage, earning its creators more than US$1 million, researchers found.
Former U.S. Secretary of State Hillary Clinton called for a "global compact" on surveillance and the use of collected data, saying the U.S. isn't the only country that does it and American technology companies are unfairly targeted for the government's actions.
Electric carmaker Tesla Motors wants security researchers to hack its vehicles. The Silicon Valley based high-tech carmaker will hire up to 30 full-time hackers whose job will be to find and close vulnerabilities in the sophisticated firmware that controls its cars.
Two recent vulnerabilities are examples of problems that could have been avoided if we had just applied the lessons already learned in similar contexts.
Windows XP users may now download a fourth service pack for the 13-year-old operating system, but it isn't coming from Microsoft.
The growing number of data breaches resulting in massive numbers of payment cards being stolen from retail stores and other businesses is occurring because they're failing to keep up with the Payment Card Industry's data security standard, according to the PCI Security Standards Council.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

randomness