Schneier on Security: A newly discovered piece of malware, Duqu, seems to be a precursor to the next Stuxnet-like worm and uses some of the same techniques as the original. Link to Source
Symantec: W32.Duqu: The Precursor to the Next Stuxnet
Duqu is essentially the precursor to a future Stuxnet-like attack. The threat was written by the same authors (or those that have access to the Stuxnet source code) and appears to have been created since the last Stuxnet file was recovered. Duqu’s purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility. Read Full Article
F-Secure: Duqu – Stuxnet 2:
A new backdoor created by someone who had access to the source code of Stuxnet has been found.
Stuxnet source code is not out in-the-wild (only the binaries). Only the original authors have the source code. So, this new backdoorwas created by the same party that created Stuxnet. Read Full Article
Norman: W32/Duqu – Stuxnet lite?
Oct 18th, our competitor Symantec published an extensive report on a malware called Duqu, which appears to bear some resemblance to last year’s Stuxnet worm. This time the malware does not seem to be aimed at sabotage, but is instead made for intelligence gathering. Read Full Article
Wired: Son of Stuxnet Found in the Wild on Systems in Europe
Update, Oct 24, Added Avira Article too:
Avira: Stuxnet v2 or TR/Duqu
The Stuxnet virus has gone to the next generation: “TR/Duqu”.
Avira already detects the new malware since VDF 184.108.40.206, which was released on 2011-10-19. Read Full Article