
Duqu The Latest Short-Lived Star of Malware

BitDefender UK : 25 October, 2011  (Technical Article)
Bitdefender places the Duqu rootkit in historic perspective comparing it to other stars of the malware theatre
Rootkit.Duqu.A is the current star in the world of malware but, as history shows, that fame will be short-lived. Just like fashion models, modern malware has a lifespan in the media eye of a couple of weeks to a couple of months, tops. They then fade into the shadow of more dangerous and sophisticated tools.

Before Duqu, a multitude of e-threats claimed the award for the most innovative, most dangerous or most pervasive piece of malware in the wild. It is a game that malware creators have played with victims – the computer users – or with their arch-enemies – the AV industry – since computers were too large to fit in a regular room and were anything but “personal.” Here is a short recap of the most important e-threats, in reverse chronological order.

Without a doubt, 2010 was known for the emergence of Stuxnet, the first piece of malware specifically designed to sabotage nuclear power plants. It can be regarded as the first advanced tool of cyber-warfare.

However, sophisticated malware has also been put to more “civilian” use. Back in 2008, social networking users befriended Trojan.Koobface, a piece of malware that used to spread via social platforms such as Facebook, Twitter and Hi5. Once infected, users would serve as both vectors of infection for other social network contacts and as human robots to solve CAPTCHA challenges for cyber-criminals, among other things.

If you were old enough to “drive” a computer back in 2004, you probably remember the MyDoom worm, a rapidly spreading mass-mailer worm apparently commissioned by a spam group to automate the sending of unsolicited mail via infected computers acting as relays.

1999 brought another game changer named Melissa, a mass-mailing macro virus, which managed to overload Internet mail systems to the point of shutdown. While most computer users knew they should be careful with exe files, they were completely unaware that opening a Word document would spread the worm to their e-mail contact lists.

The early 90s marked an important milestone for the traditional antivirus industry that was relying on string signatures to statically identify malware. The emergence of Chameleon, an e-threat actually able to mutate its code after each infection in order to trick AV scanners and evade detection, signaled that it was time for the industry to switch to more advanced defense technologies such as heuristics and sandboxing.

If you thought that Rootkit.Rustock and Rootkit.TDSS were packed full of novel technologies, you’re in for a surprise. Boot sector malware has been around since 1986, when two Pakistani computer-shop owners created the Brain Boot Sector virus, a piece of harmless code that was able to camouflage its presence by tampering with the result of disk read requests.

Of course, this list could only end with the great-grandparent of the modern Trojan, the Pervading Animal game. Built on a Univac 1100/42 mainframe, the game had primitive artificial intelligence support and was complemented by a “software distribution routine” called PERVADE that would copy the game into the directories of other users of the Univac mainframe. Although the purpose was to allow other users to grab a copy of the game, this method of distribution is what we call today a “classic Trojan Horse attack”.

However, the history of malware – a term that we tend to associate with modern threats such as Bankers or keyloggers – is rife with incidents that allowed viruses to morph from innocent pranks to advanced military weapons. If you’d like to find out more about how malware grew over time, download this hi-res copy of the infographic or grab a copy of the Malware History whitepaper available in the Downloads section.