Duqu is a collection of computer malware discovered on 1 September 2011, thought to be related to the Stuxnet worm. The Laboratory of Cryptography and System Security (CrySyS Lab) [Laboratory of Cryptography and System Security (CrySyS)] of the Budapest University of Technology and Economics in Hungary discovered the threat, analysed the malware, and wrote a 60-page report [Duqu: A Stuxnet-like malware found in the wild, technical report] naming the threat Duqu. Duqu got its name from the prefix "~DQ" it gives to the names of files it creates.

==Nomenclature==

The term Duqu is used in a variety of ways:

* Duqu malware is a variety of software components that together provide services to the attackers. Currently this includes information-stealing capabilities and, in the background, kernel drivers and injection tools. Part of this malware is written in an unknown high-level programming language, [Shawn Knight (2012), Duqu Trojan contains mystery programming language in Payload DLL] dubbed "Duqu framework". It is not C++, Python, Ada, Lua or any of the many other languages checked. However, recent evidence suggests that Duqu may have been written in C with a custom object-oriented framework and compiled in Microsoft Visual Studio 2008.
* Duqu flaw is the flaw in Microsoft Windows that is used in malicious files to execute malware components of Duqu. Currently one flaw is known, a TrueType-font related problem in win32k.sys.
* Operation Duqu is the process of only using Duqu for unknown goals. The operation might be related to Operation Stuxnet.

Source: Wikipedia, the free encyclopedia.