|How PC Trojan Duqu Infects Computer using Word Document Vulnerability|
Here is the 3 latest malware cyberweapons details. If there is a fourth malware in the wild left undiscovered, I think it will exceed the 3 PC viruses capabilities, complexities and damaging effects.
1. Trojan Flame
Discovered: May 2012
Type of Virus: Trojan, Worm
First Detected by: Kaspersky lab
Virus Filesize: 20MB Exploited Vulnerabilities: Same as StuxNet Printer Spooler Vulnerability
Targets: Middle East Countries
Attack platform: Flame, Duqu and StuxNet all uses Tilded Platform. Malware developer prefer filenames that uses "~d*.*" format.
Programming Language: Uses Lua programming
Can Spread Via: USB, can replicate over local area network
What they can do?: Backdoor, Recording conversations, detecting who's and what is on the network and sending it to C&C server. Deleted Files and Data loss of IRAN Government. Interested in PDF, Office and AutoCAD drawings.
Virus Developer: Unknown Same Group with Duqu and StuxNet. Different team for each type of virus. The group shared source code "Resource 207" - an encrypted DLL file and contains executable files, a module that is found in StuxNet.
Antivirus Detection: Kaspersky Worm.Win32.Flame
|Trojan Flame Affected Countries on Middle East|
2. Trojan Duqu
Discovered: September 2011
Type of Virus: Trojan
First Detected by: Hungarian Research Lab CrySys
Virus Filesize: 3 components - keylogger tool, jminit7 and cmi4432 group of objects.
Exploited Vulnerabilities: Word Document CVE-2011-3402 Vulnerability
Targets: IRAN Nuclear Program
Programming Language: Unknown Programming called Duqu Framework
Can Spread Via: Targeted attack involving word vulnerability
What they can do?: Backdoor and Steal private information (Infostealer). Intercept victims keystroke and screenshot and sent to Command & Control Server.
Antivirus Detection: Kaspersky Exploit.Win32.CVE-2011-3402, Trojan.Win32.Duqu
3. StuxNet Malware
Discovered: June 2010
Type of Virus: Malware
First Detected by: VirusBlokAda
Virus Filesize: 500Kb
Exploited Vulnerabilities: 4 Zero Day Vulnerabilities which includes Exploits Windows LNK , Print spooler, Keyboard File, Task Scheduler Vulnerability
Targets: IRAN Nuclear Power Plant Uranium Rich Centrifuges
Programming Language: C and C++
Can Spread Via: LAN and USB. Stuxnet can replicate from one computer to another.
What they can do?: PLC and SCADA Equipment Sabotage. Target Simatic WinCC Step7 software of Siemens, a program that control motors, valves and switches.
Antivirus Detection: Symantec W32.Stuxnet
More on Duqu
+ 7 Ways to make your Computer Virus Free with IOBIT Malware Fighter and AVG 2012 AntiVirus Protection
+ What's New with Latest Advanced System Care Ver 5.0 - A Review
+ How to make your Computer Startup 50% Faster - Tips and Tricks
+ Tips and Tricks to make your Computer Virus Free for Every Season