Duqu 2.0

  • Method of propagation

    Social engineering, USB drives
  • Purpose/Functions

    Cyberespionage, Data theft, Data wiping, Remote control, Surveillance
  • Special features
    An updated version of the infamous 2011 Duqu malware
  • Targets

    Electronics manufacturing, High technology companies, Information technology, Politicians, Private companies, Software companies, Specific individuals
  • Artefacts/Attribution
    Duqu 2.0 is an updated version of the infamous 2011 Duqu malware, which is associated with an APT group that went dark in 2012.
  • Description

    A modified version of the infamous 2011 Duqu malware. It was found on Kaspersky’s internal networks in the spring of 2015, having leveraged a vulnerability in the Windows kernel; it was also used to gather information related to the P5+1 (US, UK, France, Russia, China, and Germany) talks concerning the Iranian nuclear deal later reached in 2015.
