Wednesday, December 13, 2017
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Toshiba and Western Digital Reach Settlement, Agree to Strengthen Flash Memory Collaboration
Twitter Makes It Easier For Users to Create Threads
Tsinghua to Invest in China-based Lite-On Storage Plant
Facebook to Book Advertising Revenue Locally Following Pressure
New Radeon Software Adrenalin Edition Provides Amped-Up Connected Gaming
Nintendo Says Switch Sells 10 Million Worldwide
Toshiba Unveils Embedded NAND Flash Memory Products for Automotive Applications
FCC to Hand Over Internet Oversight to FTC
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > General Computing > The Duq...
Last 7 Days News : SU MO TU WE TH FR SA All News

Tuesday, June 16, 2015
The Duqu 2.0 Uses Foxconn's Digital Signature


Researchers at Kaspersky Labs has taken a deeper look into the latest version of malware known as Duqu and they discovered that it used digital certificates from contract manufacturer Hon Hai Precision Industry, also known as Foxconn, to help mask its activity.

Digital certificates are used for encrypting data and verifying the legitimacy of websites and applications.

The group that created Duqu is considered to be one of the most sophisticated cyberespionage teams. Researchers have noted the malware appears to be related to Stuxnet, the worm developed by the U.S. and Israel to sabotage Iran's nuclear program.

During previous research into Stuxnet and Duqu, the researchers had observed digitally signed malware (using malicious Jmicron and Realtek certs).

The digital certificates and signing malware on behalf of legitimate businesses seems to be a regular trick from the Duqu attackers. The security firm has no confirmation that any of these vendors have been compromised but indicators show that the Duqu attackers have a major interest in hardware manufacturers such as Foxconn, Realtek and Jmicron. This was confirmed in the 2014/2015 attacks, when Kaspersky observed infections associated with hardware manufacturers from APAC, including ICS and SCADA computer equipment manufacturers.

Besides these Duqu drivers the reseatches haven’t uncovered any other malware signed with the same certificates. That rules out the possibility that the certificates have been leaked and are being used by multiple groups. It also seems to indicate the Duqu attackers are the only ones who have access to these certificates, which strengthens the theory they hacked the hardware manufacturers in order to get these certificates.

Finally, the Duqu attackers seem to be careful enough not to use same digital certificate twice. If that’s true, then it means that the attackers might have enough alternative stolen digital certificates from other manufacturers that are ready to be used during the next targeted attack.

Kasperky labs has informed both Verisign and HON HAI about the use of the certificate to sign the Duqu 2.0 malware



Previous
Next
E3: New AMD Radeon R9 and R7 300 Series Graphics Line-Up Takes Advantage Of New HBM Technology        All News        SK Hynix Ramps Production of High Bandwidth Memory, Partners With AMD On New Radeon R9 Fury X Graphics Card
Twitter Launches First Autoplay Videos     General Computing News      New App Lets You Privately Share Photos With Friends

Get RSS feed Easy Print E-Mail this Message

Related News
UK Cyber Security Agency Targets Kaspersky Software
Kaspersky Lab Seeks To Restore Reliability By Opening Software to Review
Russians Used Kaspersky Antivirus for Hacks: reports
Kaspersky Software Used in Russian-backed NSA Breach: report
U.S. Government Bans Kaspersky Products from Its Agencies
Kaspersky Lab Launches Free Antivirus Software
Kaspersky Lab Says it Has Been Dragged into the U.S.-Russia Geopolitical Game
Kaspersky Filed Antitrust Complaints Against Microsoft Over Windows Defender
Kaspersky Launches 'Secure Operating System'
Kaspersky Presents New Versions of its Flagship Consumer Security Solutions
Kaspersky Lab Announces Solution to Detect Targeted Attacks and New Security Intelligence Services
Kaspersky Endpoint Security Ranked First In Anti-malware Tests

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2017 - All rights reserved -
Privacy policy - Contact Us .