It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
(visit the link for the full news article)
Iran has confirmed some of its computer systems were infected with the Duqu trojan, but said it has found a way to control the malware.
Security organisations had previously identified Iran as one of at least eight countries targeted by the code.
The spyware is believed to have been designed to steal data to help launch further cyber attacks.
The sender has not been identified, but researchers have found a reference to a US television programme in Duqu's code.
The Iranian news agency, IRNA, reported that the country's cyber defence unit was taking steps to combat the infection.
Originally posted by GogoVicMorrow
reply to post by alchemist2012
Reference to a US television program. I don't know much about coding, why would that be found in there? Does it say what the reference is?
When the addressee opened the file the malware became active through a Truetype font exploit, but did nothing until it detected that there had been no keyboard or mouse activity for ten minutes. Kaspersky Lab said the font was called Dexter Regular and its creators were identified as Showtime Inc. "This is another prank pulled by the Duqu authors, since Showtime Inc is the cable broadcasting company behind the TV series Dexter, about a CSI doctor who happens also to be a serial killer," the report said.
Mark Twitchell Connections were established between Dexter Morgan and Mark Twitchell, of Edmonton, Alberta, Canada, during his first-degree murder trial. After weeks of testimony and gruesome evidence presented in court, Twitchell was found guilty of the planned and deliberate murder of 38-year-old Johnny Altinger on April 12, 2011.[26] Twitchell, an aspiring filmmaker, had adopted the persona "Dexter Morgan" on Facebook and made a movie that was similar to how Dexter operates.[27] Prosecutors alleged that Twitchell had begun a secret double life inspired by Dexter.[28] Twitchell wanted to reenact the life of Dexter Morgan, and after writing a script for a Dexter movie, began posing as a woman online interested in having affairs with married men.[29] Detective Mark Anstey of the Edmonton Police Service was quoted as saying, "We have a lot of information to suggest he definitely idolizes Dexter," and Twitchell had posted a Facebook status stating that he believed he had "way too much in common with Dexter Morgan."[30][31]
The attackers used Duqu to install another infostealer that could record keystrokes and gain other system information. The attackers were searching for assets that could be used in a future attack. In one case, the attackers did not appear to successfully exfiltrate any sensitive data, but details are not available in all cases. Two variants were recovered, and in reviewing our archive of submissions, the first recording of one of the binaries was on September 1, 2011. However, based on file compile times, attacks using these variants may have been conducted as early as December 2010.
One of the variant’s driver files was signed with a valid digital certificate that expires August 2, 2012. The digital certificate belongs to a company headquartered in Taipei, Taiwan. The certificate was revoked on October 14, 2011.
Originally posted by tooo many pills
The attackers used Duqu to install another infostealer that could record keystrokes and gain other system information. The attackers were searching for assets that could be used in a future attack. In one case, the attackers did not appear to successfully exfiltrate any sensitive data, but details are not available in all cases. Two variants were recovered, and in reviewing our archive of submissions, the first recording of one of the binaries was on September 1, 2011. However, based on file compile times, attacks using these variants may have been conducted as early as December 2010.
One of the variant’s driver files was signed with a valid digital certificate that expires August 2, 2012. The digital certificate belongs to a company headquartered in Taipei, Taiwan. The certificate was revoked on October 14, 2011.
www.symantec.com...
Hae not found the list of the 7 other countries but i would be willing o bet they are not our allies
Hrmm...?
Has anyone else found a list of the 7 other countries infected?
Originally posted by GogoVicMorrow
reply to post by alchemist2012
Nope.. We don't know if they are American or not. This show is internationally popular.
Case in point: A Canadian that committed crimes after "relating" to the shows character Dexter Morgan.
Mark Twitchell Connections were established between Dexter Morgan and Mark Twitchell, of Edmonton, Alberta, Canada, during his first-degree murder trial. After weeks of testimony and gruesome evidence presented in court, Twitchell was found guilty of the planned and deliberate murder of 38-year-old Johnny Altinger on April 12, 2011.[26] Twitchell, an aspiring filmmaker, had adopted the persona "Dexter Morgan" on Facebook and made a movie that was similar to how Dexter operates.[27] Prosecutors alleged that Twitchell had begun a secret double life inspired by Dexter.[28] Twitchell wanted to reenact the life of Dexter Morgan, and after writing a script for a Dexter movie, began posing as a woman online interested in having affairs with married men.[29] Detective Mark Anstey of the Edmonton Police Service was quoted as saying, "We have a lot of information to suggest he definitely idolizes Dexter," and Twitchell had posted a Facebook status stating that he believed he had "way too much in common with Dexter Morgan."[30][31]
en.wikipedia.org...
Also.. I highly doubt it's a citizen at all. The reference could just be thrown in to link it to popular western culture.edit on 14-11-2011 by GogoVicMorrow because: (no reason given)