Analysis: Duqu Targets Certificate Authorities

With virus researchers scrambling to decode a new piece of malware that is based on the code of the Stuxnet worm, an analyst at McAfee is speculating that the new worm, Duqu, may have been created to target certificate authorities. Writing on McAfee’s research blog, Guilherme Venere and Peter Szor say that an analysis of the Duqu code by McAfee experts suggests that the worm was created “for espionage and targeted attacks against sites such as Certificate Authorities (CAs).” The McAfee analysis, if accurate, is the first to explicitly mention the type of organization that the Duqu worm targeted, and would suggest that those behind the worm intended to use it as a precursor to subsequent, targeted attacks.

Full Article