Malware
Duqu
First seen: 2011-09 • Status: inactive
Duqu is related to Stuxnet and was used to spy on Iran nuclear talks. It even hacked Kaspersky, a major antivirus company.
Overview
Duqu shares code with Stuxnet and was used for reconnaissance. Duqu 2.0 famously compromised Kaspersky Lab and the Iran nuclear negotiations.
Also Known As
Duqu 2.0
How It Spreads
- Zero-day exploits
- Targeted attacks
What It Does
- Reconnaissance
- Information gathering
- Pre-attack intelligence
Target Platforms
Windows
Detection Tips
- Monitor for Duqu signatures
- Watch for sophisticated zero-days
MITRE ATT&CK Techniques
T1005, T1071
If You're Infected
1. Nation-state level incident response required