
Same Platform Made Stuxnet, Duqu; Others Lurk 89

wiredmikey writes "New research from Kaspersky Labs has revealed that the platform dubbed 'tilded' (~d), which was used to develop Stuxnet and Duqu, has been around for years. The researchers say that same platform has been used to create similar Trojans which have yet to be discovered. Alexander Gostev and Igor Sumenkov have put together some interesting research, the key point being that the person(s) behind what the world knows as Stuxnet and Duqu have actually been using the same development platform for several years." An anonymous reader adds a link to this "surprisingly entertaining presentation" (video) by a Microsoft engineer, in which "he tells the story of how he and others analysed the exploits used by Stuxnet. Also surprising are the simplicity of the exploits which were still present in Win7." See also the report at Secureist from which the SecurityWeek story draws.
  • Windows 7 (Score:1, Insightful)

    by Anonymous Coward on Sunday January 01, 2012 @01:31AM (#38554270)

    So, this new super-secure, not-at-all-like-the-previous-versions of Windows is still being infected by the same malware as before.

    I'm shocked!


  • Re:Windows 7 (Score:5, Insightful)

    by man_of_mr_e ( 217855 ) on Sunday January 01, 2012 @05:05AM (#38554866)

    Windows is still hobbled by backwards compatibility. They have been steadily pruning the system of such compatibility issues over the years, but they still remain.

    The print spooler was a compatibility issue, and it wasn't writing files to the system directory of another computer. It was the remote print spooler that was writing to its own system directory.

    The shell icon extraction code was probably written for Windows 95, and the LoadLibraryEx was not added until Windows 2000. This is why it was the only exploit that worked on all systems.

    The CRC32 bit was definitely not well thought out, but it was most likely not considered to be an attack vector, and only there to prevent file corruption... for which CRC32 is fine.

    There are going to be bugs in any non-trivial code, and Windows has a lot of code. Just like Linux has lots of code, and MacOS has lots of code.. you can find these kinds of issues in any OS.

  • Re:Windows 7 (Score:2, Insightful)

    by Anonymous Coward on Sunday January 01, 2012 @06:29AM (#38555058)

    What's the point of using Windows if it can't run the CFO's IE 6 app? Or production's 16 year old Win95 app? Businesses use Windows to run software and a clean break doesn't make financial sense. This software can't be rewritten and needs to remain compatible.

  • Re:Windows 7 (Score:5, Insightful)

    by zAPPzAPP ( 1207370 ) on Sunday January 01, 2012 @06:48AM (#38555092)

    Writing new code from scratch will not make that code suddenly bug free.
