Video Screencast Help

W32.Duqu - The precursor to the next Stuxnet

Created: 19 Oct 2011 • Updated: 25 Jun 2013
Symantec Analyst Relations's picture
0 0 Votes
Login to vote

On October 14, 2011, Symantec was alerted to a sample by a research lab with strong international connections that appeared very similar to the Stuxnet worm from June of 2010. This threat has been named W32.Duqu [dyü-kyü] because it creates files with the file name prefix “~DQ”. The threat was recovered from an organization based in Europe. Symantec has confirmed Duqu is a threat nearly identical to Stuxnet, but with a completely different purpose.

Please read the Symantec blog post and the Analysis Paper for more information.