State-backed spyware targets antivirus maker, Iranian nuclear talks


The threat posed by state-sponsored malware might be even larger than first thought. Antivirus developer Kaspersky Lab says it discovered an attack on its network by allegedly government-made spyware that appears to be an upgraded version of Duqu, the Stuxnet-based worm used by Israel and the US to derail Iran's nuclear efforts. This "Duqu 2.0" not only tried to obtain details about Kaspersky's investigations and detection abilities, but remained remarkably stealthy. Pre-release software was necessary to catch it, and there were attempts to throw researchers off the scent by suggesting that China or Eastern Europe was to blame.

While there's no smoking gun proving who was responsible, the list of additional victims narrows the possible culprits. There were fewer than 100 targets, including participants in negotiations surrounding Iran's nuclear program -- it's easy to see Israel or the US once again being involved. The scope of the attack is likely "much wider," according to Kaspersky, and its competitor Symantec suspects that the snoops were using their tool for "multiple intelligence gathering campaigns."

The good news? While it's not certain just what the intruders collected, the immediate damage is relatively minimal. Kaspersky says that Duqu 2.0 didn't compromise its customers or products, and Microsoft just recently patched the Windows vulnerability that let the attackers in. It almost goes without saying that Kaspersky's antivirus tools now know to look for the offending software. However, the implications of the breach are severe. They suggest that a government body was willing to compromise a security company, one of its supposed allies, in the name of developing harder-to-find hacking technology -- an "outrageous" idea in Kaspersky's eyes. It's now less likely that private security researchers will cooperate on cyberdefense issues, which could worsen the situation for everyone.

[Image credit: IIPA via Getty Images]
