from the kremlin-denies-involvement dept.
Trailrunner7 writes "All of the hype about Duqu being the next Stuxnet obscured many of the real facts about the new malware. It turns out that Duqu not only is essentially a customizable attack framework with separate modules for each target, but that it has been found on high-value networks in Iran and the Sudan. A detailed analysis of the Duqu malware files by Alex Gostev of Kaspersky Lab shows that the malware uses different drivers and modules for every target. 'It is obvious that every single Duqu incident is unique with its own unique files using different names and checksums. Duqu is used for targeted attacks with carefully selected victims,' Gostev said."
"Card readers? We don't need no stinking card readers."
-- Peter da Silva (at the National Academy of Sciencies, 1965, in a
particularly vivid fantasy)