Authorities Seize Duqu's C&C Servers In Mumbai
wiredmikey writes "In Mumbai, Indian authorities seized components from servers in a data center after Symantec informed them that they were communicating with the command and control infrastructure used by Duqu, the Trojan that is touted as the precursor to the next Stuxnet. According to a report from Reuters, officials from the Department of Information Technology in India seized hard drives and other components from a server hosted in a Mumbai data center. Security vendors and government labs are worried that malware such as Duqu and Stuxnet are the building blocks needed in order for attackers to target critical infrastructure. Based on the initial analysis of Duqu, many researchers warned that it was the second-generation development of Stuxnet, but this is still the subject of much debate, with some experts now saying that the connection between the two malicious programs is questionable."
Servers? (Score:4, Interesting)
I'm kind of surprised that cutting edge malware depends on a central server for command and control. What about P2P? Or steganographic embedding of commands in forum posts or images? It seems like a robust and deniable control system would be one of the first things you implement in malware like this.
If critical infrastructure wasn't online... (Score:5, Interesting)
... this wouldn't be an issue. And make sure workers can't plug in USB sticks or DVD/CD-ROMs. Really, I do wonder whether people running IT in critical industries have all had a collective lobotomy.