Symantec Finds New Duqu Malware Variant

Symantec researchers recently uncovered a new version of the Duqu malware.

“Researchers from Symantec announced the discovery of a new Duqu driver, the component responsible for loading the malware’s encrypted body, on Monday via Twitter,” writes PCWorld’s Lucian Constantin. “The driver is called mcd9x86.sys and was compiled on Feb. 23, said Vikram Thakur, principal security response manager at Symantec.”

“The source code of the new driver has been reshuffled and compiled with a different set of options than those used in previous versions,” Constantin writes. “It also contains a different subroutine for decrypting the configuration block and loading the malware’s body.”

Go to “Researchers Discover New Duqu Variant That Tries to Evade Antivirus Detection” to read the details.
