[cryptography] [OT] Reworked Version of Stuxnet Relative Duqu Found in Iran
Jeffrey Walton
noloader at gmail.com
Wed Mar 28 20:39:00 PDT 2012
Hi Guys,
>From "Reworked Version of Stuxnet Relative Duqu Found in Iran,"
http://www.securitynewsdaily.com/1642-stuxnet-duqu-iran.html:
Duqu's builders also changed its encryption algorithm and
rigged the malware loader to pose as a Microsoft driver.
(The old driver was signed with a stolen Microsoft certificate.)
Is the stolen certificate related to Diginotar or some other incident?
Microsoft claims Diginotar issued certificates are inert
(http://www.computerworld.com/s/article/9219729/Microsoft_Stolen_SSL_certs_can_t_be_used_to_install_malware_via_Windows_Update).
Perhaps "Stolen encryption key the source of compromised certificate
problem, Symantec says,"
http://computerworld.co.nz/news.nsf/security/stolen-encryption-key-the-source-of-compromised-certificate-problem-symantec-says?
Jeff
_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the Testlist
mailing list