Du er ikke logget ind
Beskrivelse
Duqu, the infamous malware from the Stuxnet family, made its return. First discovered in October 2011, Duqu was actively spying on digital certificate issuing authority in Hungary. The exposed malware was abandoned by its originators and added to a "blacklist" database of anti-virus software. After that initial discovery, Duqu had been out of the spotlight for almost four years, until one of the biggest names in cyber-security, Kaspersky Lab, announced that it recently detected the presence of the Duqu malware. Duqu was always after the high-profile targets but this time the malware was definitely in the wrong place. Duqu had been found alive and well within Kaspersky Lab's very own corporate computer network. That discovery had big implications not only for the ways anti-virus software detects intrusions but also for Kaspersky Lab itself. Usually malware, after being detected, has no means of fighting back. It was not the case with Duqu. Two years after its exposure, the Duqu malware had its revenge. In 2017, the USA, UK, and some other European countries issued a ban on the use of Kaspersky Lab computer security software on their government and military computers. Their decision was based on information presented to them by the originators of the Duqu malware, which had been quietly stealing data from inside of Kaspersky Lab's corporate computer network.In an unbelievable turn of events, detection of malware by one of the most recognizable names in information security industry led to a removal of Kaspersky Lab's anti-virus software from computers that by association require the most protection because they keep top secrets and constantly targeted by adversaries. To better understand how it could have happened, we need to start exploring the story about the Duqu malware, the only malware that had its revenge.