It isn't an ordinary day until a hacker somewhere around the globe has done their dirty daily deeds by attacking a vulnerable entity. In the most recent round of hacker activity around the world, Kaspersky Lab has released a scathing report that about 140 banks and other enterprises have come under attack from malware that has evaded detection for what is said to be "a long period of time."
Among the 40-plus banking systems found to be infected with a hard-to-detect form of malware are several governmental agencies and telecommunication companies located in the USA, Europe, Africa, and even South America, all being targeted by hackers in a string of ongoing attacks using hard-to-detect malware.
Duqu Malware Is Widespread and Derived from Stuxnet
The malware found to have infected a multitude of systems and to have recently evaded detection is a peculiar type that has been around for many years. In fact, Kaspersky discovered virtually the same malware on its own corporate network two years ago, and at the time it was given the name Duqu 2.0. Computer security experts believe that Duqu is derived from Stuxnet, a widely publicized computer worm suspected of having been created to target and sabotage the Iranian nuclear program. At the time of that infection, Duqu 2.0 managed to reside on Kaspersky's networks for at least 6 months without detection.
The underlying threat from Duqu 2.0, apart from its stealthy behavior, is its ability to use legitimate system administration and security tools. Because it relies on tools such as PowerShell, Metasploit, and others, the threat has spread quickly. With systems belonging to many government and telecommunications entities in over 40 countries having succumbed to Duqu 2.0 in recent months, the victimized networks and systems are clueless as to being infected in the first place.
Outbreak of Duqu Malware May Go Unsuspected by Most
Knowing that Duqu 2.0 could reside on a system belonging to a banking institution or a government body that either controls large infrastructure or harbors large amounts of citizens' personal data, the potential damage becomes unfathomable. Moreover, the inability to properly detect and eliminate Duqu 2.0 for long periods of time, sometimes taking months to discover the threat, makes matters even worse.
The exact number of attacks conducted by Duqu is currently unknown, other than the fact that it is spreading on a mass scale and shows no signs of slowing down in the near future. Unless someone behind the proliferation of Duqu comes forward to claim ownership, there will be a long road to travel in figuring out who is responsible for the attacks.
A number of the attacks so far have been used to collect the passwords of system administrators and for remote administration of infected computers. Computer security experts and others like them may be forced to put their heads together to eventually combat Duqu, while law enforcement ramps up its efforts to track down the culprits behind such a dangerous malware threat.