Friday, June 15, 2012

Top 3 PC Viruses 2012 - Flame, Duqu, StuxNet Cyberweapons

[Image: How the Duqu Trojan infects a computer using a Word document vulnerability]

Three complex PC viruses, discovered between 2010 and the latest Flame outbreak in May 2012 and coming from the same group composed of different teams, make up what are known as the super cyberweapons of the digital world to date. This is complex malware written to steal and spy on private information, sabotage equipment and exploit vulnerabilities. Is this the beginning of a cyberwar?

Here are the details of the three latest malware cyberweapons. If a fourth piece of malware is still undiscovered in the wild, I think it will exceed these three PC viruses in capabilities, complexity and damaging effects.


1. Trojan Flame 

Discovered: May 2012
Type of Virus: Trojan, Worm
First Detected by: Kaspersky lab
Virus Filesize: 20MB
Exploited Vulnerabilities: Same print spooler vulnerability as StuxNet
Targets: Middle East Countries
Attack platform: Flame, Duqu and StuxNet all use the Tilded platform. The malware developers prefer filenames in the "~d*.*" format.
Programming Language: Uses Lua
Can Spread Via: USB, can replicate over local area network
What they can do?: Backdoor, recording conversations, detecting who and what is on the network and sending it to the C&C server. Deleted files and data loss for the Iranian government. Interested in PDF, Office and AutoCAD drawings.
Virus Developer: Unknown; same group as Duqu and StuxNet, with a different team for each type of virus. The group shared source code, "Resource 207": an encrypted DLL file that contains executable files, a module that is found in StuxNet.
Antivirus Detection: Kaspersky Worm.Win32.Flame

[Image: Countries in the Middle East affected by Trojan Flame]


2. Trojan Duqu

Discovered: September 2011
Type of Virus: Trojan
First Detected by: Hungarian research lab CrySyS
Virus Filesize: 3 components: a keylogger tool and the jminit7 and cmi4432 groups of objects.
Exploited Vulnerabilities: Word document vulnerability CVE-2011-3402
Targets: Iran nuclear program
Programming Language: Unknown programming language, called the Duqu Framework
Can Spread Via: Targeted attack involving the Word vulnerability
What they can do?: Backdoor and stealing private information (infostealer). Intercepts victims' keystrokes and screenshots and sends them to the Command & Control server.
Antivirus Detection: Kaspersky Exploit.Win32.CVE-2011-3402, Trojan.Win32.Duqu


3. StuxNet Malware

Discovered: June 2010
Type of Virus: Malware
First Detected by: VirusBlokAda
Virus Filesize: 500Kb
Exploited Vulnerabilities: 4 zero-day vulnerabilities, which include the Windows LNK, print spooler, keyboard file and Task Scheduler vulnerabilities
Targets: Iran nuclear power plant uranium enrichment centrifuges
Programming Language: C and C++
Can Spread Via: LAN and USB. Stuxnet can replicate from one computer to another.
What they can do?: PLC and SCADA equipment sabotage. Targets the Simatic WinCC Step7 software of Siemens, a program that controls motors, valves and switches.
Antivirus Detection: Symantec W32.Stuxnet

Sources:
Flame Virus
More on Duqu
StuxNet
