The Duqu 2 virus, which foreign sources claim Israel planted in order to spy on the Iran nuclear talks, has significant capabilities beyond eavesdropping. Treadstone 71 CIO Jeff Bardin told “Business Insider” that the virus can also access sensitive files, individuals’ personal details, passwords, and more.
“Since Duqu uses root capabilities and exploits vulnerabilities that allow for an elevation of privileges, Duqu can be used to install other code that can keystroke log, record conversations, record video, extract files, track any activity that occurs on the infected Windows PC or laptop. This includes the capturing of user IDs, passwords, and sensitive files."
Bardin added, “Once the code is installed, most anti-virus software cannot detect or remove this malware. Duqu allows for the complete takeover of the target Windows devices.”
The “Wall Street Journal” reported yesterday that Internet-security company Kaspersky believes that someone planted the Duqu virus in the hotels at which the Iran nuclear talks were held, in order to spy on them. Foreign sources believe that Israel is behind the attack. Israel was silent on the matter until this morning, when Israel’s Deputy Minister of Foreign Affairs Tzipi Hotovely denied Israel’s involvement.
“There is no basis for the international reports claiming Israel was involved in the matter,” Hotovely told Israel Army Radio (Galei Tzahal) today. “What’s much more important is that we prevent a bad deal, otherwise, at the end of the day, we will find ourselves under Iran’s nuclear umbrella.
No Israeli official other than Hotovely has issued a response, and the government is remaining silent on the matter.
Casaba Security co-founder and Managing Principal Chris Weber told “Business Insider” that the new, updated version of the Duqu virus, Duqu 2.0, "is an extremely advanced malware platform with delivery mechanisms on par with Stuxnet." (In 2012, it was reported that Israel and the US had planted the Stuxnet worm in the Iran nuclear facility and disrupted its operation.)
Weber added, "Once infected, the Duqu platform offers its operators ability to install either a simple, memory-resident backdoor or a more persistent and fully featured command and control package. After that, the platform allows for leverage into other parts of the network."
Weber called Duqu 2.0 "bad-ass," and believes malware to be "the tool of choice for nation-state spying."
Published by Globes [online], Israel business news - www.globes-online.com - on June 11, 2015
© Copyright of Globes Publisher Itonut (1983) Ltd. 2015