What type of malware is Duqu?

Duqu malware is a variety of software components that together provide services to the attackers. Currently this includes information-stealing capabilities and, in the background, kernel drivers and injection tools. Part of this malware is written in an unknown high-level programming language, dubbed the “Duqu framework”.

How was Duqu used?

Similarly to Stuxnet, Duqu was highly targeted (having been discovered on fewer than 50 systems worldwide), used zero-day Windows kernel vulnerabilities to install itself, and used stolen digital keys to sign its components. Unlike Stuxnet, however, Duqu was not designed to disrupt industrial SCADA systems.

What does Duqu do?

Duqu is a remote access Trojan (RAT) that steals data from computers it infects. Duqu has been targeted at industrial equipment manufacturers, illegally collecting information about the manufacturer’s systems and other proprietary data.

How does Flame malware work?

Flame is a sophisticated type of malware — short for malicious software — capable of infecting myriad computer networks for the purpose of gathering sensitive data. Once a network is infected by Flame, the virus can relay back massive amounts of information through a computer’s facilities.

What is sophisticated malware?

Sophisticated malware attacks often feature the use of a command-and-control server that enables threat actors to communicate with the infected systems, exfiltrate sensitive data and even remotely control the compromised device or server.

What is the Torpig virus?

Torpig, also known as Anserin or Sinowal, is a type of botnet spread by a variety of trojan horses through systems compromised by the Mebroot rootkit, for the purpose of collecting sensitive personal and corporate data such as bank account and credit card information.

What is the difference between Flame and Stuxnet?

Unlike Stuxnet, which was designed to sabotage an industrial process, Flame appears to have been written purely for espionage. It does not appear to target a particular industry, but rather is “a complete attack toolkit designed for general cyber-espionage purposes”.

What is spyware disguised as?

Android spyware disguises itself as Google Play, YouTube, Google, or the VoIP calling app Botim and is almost impossible to remove from a phone.

What is the most sophisticated computer virus?

Flame
The last of these stated in its report that Flame “is certainly the most sophisticated malware we encountered during our practice; arguably, it is the most complex malware ever found.” Flame can spread to other systems over a local network (LAN). It can record audio, screenshots, keyboard activity and network traffic.