Live Chat

Welcome to UKFast, do you have a question? Our hosting experts have the answers.

Chat Now
Sarah UKFast | Account Manager

Duqu Worm Linked to Word

The Duqu worm was spread with the help of an infected Microsoft Word document, according to researchers.

According to the reports, Duqu was able to modify computers' security protection by exploiting a previously unknown vulnerability embedded in Word documents.

The virus is believed to have been designed to gather intelligence from industrial control-systems and has targeted companies across Europe. Microsoft says it is preparing a software patch to address the issue.

Dr Boldizsar Bencsath of The Laboratory of Cryptography and Systems Security (Crysys) at Budapest University, who made the discovery, told the BBC: "We carefully analysed the available forensics data from the original incident where Duqu was uncovered.

"We found suspicious files that we further analysed, and in one case, we were able to prove that the file contains the installer of Duqu and it uses a zero-day exploit."

A zero-day exploit is a computer threat that makes use of a previously unknown software error giving the attacker to gain permissions they should not have.

Dr Bencsath added that it is possible that Duqu may also be installed by other means, but he had not found any evidence to suggest it.

Duqu has been compared to last year's Stuxnet worm, which aimed to spread as far and wide as possible to hunt down its target organisations - such as nuclear power plants. Duqu however has been used in targeted attacks in eight countries including Iran, India, France and Ukraine.

This week security firm Symantec reported the discovery of a different Trojan named PoisonIvy which has targeted 29 chemical companies.

print this article

Return to internet news headlines
View Internet News Archive

Share with: