Researchers at the US computer security firm Symantec say they have obtained a
new version of an Internet worm that has been linked to the Stuxnet
Stuxnet is the name of a computer virus that was detected in 2010,
which reportedly caused significant damage to Iran’s uranium enrichment
It targeted Siemens supervisory control and data acquisition
(SCADA) systems, used by Iran to enrich uranium through spinning centrifuges.
Foreign media reports speculated that Israel or the US, or both, were behind the
Five months ago, Symantec detected a computer worm, Duqu, which
sends back information on systems that would help attackers prepare a future
Duqu “must either have been created by the same group that
authored Stuxnet, or by a group that somehow managed to obtain Stuxnet’s source
code,” Symantec said following the discovery.
Now, Symantec said, part of
a new version of Duqu has been found.
Researchers at the firm said they
came to possess a part of the worm which causes it to load on a computer after
“The compile date on the Duqu component is February 23,
2012, so this new version has not been in the wild for very long,” a post on
Symantec’s blog said. “We can see the authors have changed just enough enough of
the threat to evade some security product detection.”
Last year, Symantec
concluded that the mysterious authors behind Stuxnet, described as the most
sophisticated cyber weapon on the planet, appear to be planning another strike,
and have updated their advanced spy program designed to search out
The Duqu worm was believed to have infected systems in
countries from Vietnam to France, including Iran.
In recent days, another
cyber security company, Kaspersky Lab, reported that Duqu had been written in
“pure C,” an old programming language “long since discarded by most programmers
in favor of newer versions,” ABC News reported.
researchers, ABC said that the old language was used “to make sure that the worm
could infect just about everything it touched.”