Beginning in mid-October 2011, McAfee Labs, along with a number of other vendors, were alerted to and began actively monitoring and acting upon reports of an emerging threat known as Duqu. It appears that the primary attack (the seeding and distribution of the malware) occurred in September and October. On March 20, 2012, a new sample was discovered.
There are many reasons for the escalated concern and reaction to this particular threat. In particular, the threat’s apparent relationship to the highly sophisticated Stuxnet attacks are reason enough to dig deeper and attempt to uncover the motivation, behavior, and overall effects of this threat. Through this outlet, we aim to ensure that our customers are provided with the most accurate and critical information surrounding this threat.
Find Out if Your System is Infected
Update your DATs to at least 6501, ensure on-demand scans are working properly, and perform a full file system virus scan. Review McAfee ePolicy Orchestrator, anti-virus alerts, and network logs to identify compromised systems.