Breaking News

EnGenius Brings Wi-Fi 7 to Small Businesses with Affordable ECW510 Access Point DJI to Showcase New Mic 3 and Full Product Portfolio at Berlin’s IFA MSI Unveils MAG 272QP QD-OLED X50 Monitor Sony completes its INZONE gaming gear range with new headsets and more GIGABYTE Announces Availability of 27” QD-OLED Gaming Monitor AORUS FO27Q5P

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

The Duqu 2.0 Uses Foxconn's Digital Signature

The Duqu 2.0 Uses Foxconn's Digital Signature

Enterprise & IT Jun 16,2015 0

Researchers at Kaspersky Labs has taken a deeper look into the latest version of malware known as Duqu and they discovered that it used digital certificates from contract manufacturer Hon Hai Precision Industry, also known as Foxconn, to help mask its activity. Digital certificates are used for encrypting data and verifying the legitimacy of websites and applications.

The group that created Duqu is considered to be one of the most sophisticated cyberespionage teams. Researchers have noted the malware appears to be related to Stuxnet, the worm developed by the U.S. and Israel to sabotage Iran's nuclear program.

During previous research into Stuxnet and Duqu, the researchers had observed digitally signed malware (using malicious Jmicron and Realtek certs).

The digital certificates and signing malware on behalf of legitimate businesses seems to be a regular trick from the Duqu attackers. The security firm has no confirmation that any of these vendors have been compromised but indicators show that the Duqu attackers have a major interest in hardware manufacturers such as Foxconn, Realtek and Jmicron. This was confirmed in the 2014/2015 attacks, when Kaspersky observed infections associated with hardware manufacturers from APAC, including ICS and SCADA computer equipment manufacturers.

Besides these Duqu drivers the reseatches haven’t uncovered any other malware signed with the same certificates. That rules out the possibility that the certificates have been leaked and are being used by multiple groups. It also seems to indicate the Duqu attackers are the only ones who have access to these certificates, which strengthens the theory they hacked the hardware manufacturers in order to get these certificates.

Finally, the Duqu attackers seem to be careful enough not to use same digital certificate twice. If that’s true, then it means that the attackers might have enough alternative stolen digital certificates from other manufacturers that are ready to be used during the next targeted attack.

Kasperky labs has informed both Verisign and HON HAI about the use of the certificate to sign the Duqu 2.0 malware

Tags: Kaspersky
Previous Post
E3: New AMD Radeon R9 and R7 300 Series Graphics Line-Up Takes Advantage Of New HBM Technology
Next Post
SK Hynix Ramps Production of High Bandwidth Memory, Partners With AMD On New Radeon R9 Fury X Graphics Card

Related Posts

  • Hackers Target Microsoft Office's Vulnerabilities

  • Hackers Took Over Asus Software to Inject Malicious Code to Laptops

  • Kaspersky Lab Files Antitrust Complaint Against Apple

  • Cryptominers Gain Ground Over Ransomware

  • Kaspersky Lab Moving Core Infrastructure to Switzerland

  • Kaspersky Lab Denies Any kind of Misbehavior

  • Kaspersky Lab Takes Legal Action Against the U.S. Government Over Antivirus Software Ban

  • UK Cyber Security Agency Targets Kaspersky Software

Latest News

EnGenius Brings Wi-Fi 7 to Small Businesses with Affordable ECW510 Access Point
Enterprise & IT

EnGenius Brings Wi-Fi 7 to Small Businesses with Affordable ECW510 Access Point

DJI to Showcase New Mic 3 and Full Product Portfolio at Berlin’s IFA
Drones

DJI to Showcase New Mic 3 and Full Product Portfolio at Berlin’s IFA

MSI Unveils MAG 272QP QD-OLED X50 Monitor
Consumer Electronics

MSI Unveils MAG 272QP QD-OLED X50 Monitor

Sony completes its INZONE gaming gear range with new headsets and more
Consumer Electronics

Sony completes its INZONE gaming gear range with new headsets and more

GIGABYTE Announces Availability of 27” QD-OLED Gaming Monitor AORUS FO27Q5P
Consumer Electronics

GIGABYTE Announces Availability of 27” QD-OLED Gaming Monitor AORUS FO27Q5P

Popular Reviews

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Noctua NH-D15 G2

Noctua NH-D15 G2

Terramaster F8-SSD

Terramaster F8-SSD

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

Soundpeats Pop Clip

Soundpeats Pop Clip

be quiet! Pure Base 501

be quiet! Pure Base 501

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed