<!DOCTYPE html> <html class="client-nojs vector-feature-language-in-header-enabled vector-feature-language-in-main-page-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-enabled skin-theme-clientpref-day vector-sticky-header-enabled vector-toc-available" lang="en" dir="ltr"> <head> <meta charset="UTF-8"> <title>Duqu - Wikipedia</title> <script>(function(){var className="client-js vector-feature-language-in-header-enabled vector-feature-language-in-main-page-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-enabled skin-theme-clientpref-day vector-sticky-header-enabled vector-toc-available";var cookie=document.cookie.match(/(?:^|; )enwikimwclientpreferences=([^;]+)/);if(cookie){cookie[1].split('%2C').forEach(function(pref){className=className.replace(new RegExp('(^| )'+pref.replace(/-clientpref-\w+$|[^\w-]+/g,'')+'-clientpref-\\w+( |$)'),'$1'+pref+'$2');});}document.documentElement.className=className;}());RLCONF={"wgBreakFrames":false,"wgSeparatorTransformTable":["",""],"wgDigitTransformTable":["",""],"wgDefaultDateFormat":"dmy","wgMonthNames":["","January","February","March","April","May","June","July","August","September","October","November","December"],"wgRequestId":"f53c347d-d298-4829-93f5-11c36ec49057","wgCanonicalNamespace":"","wgCanonicalSpecialPageName":false,"wgNamespaceNumber":0,"wgPageName":"Duqu","wgTitle":"Duqu","wgCurRevisionId":1283270442,"wgRevisionId":1283270442,"wgArticleId":33515297,"wgIsArticle":true,"wgIsRedirect":false,"wgAction":"view","wgUserName":null,"wgUserGroups":["*"],"wgCategories":["Webarchive template wayback links","Articles with short description","Short description is different from Wikidata","Use dmy dates from August 2016","Rootkits","Privilege escalation exploits","Cryptographic attacks","Exploit-based worms","Cyberwarfare","2011 in computing","Cyberwarfare in Iran","Cyberattacks on energy sector","Hacking in the 2010s"],"wgPageViewLanguage":"en","wgPageContentLanguage":"en","wgPageContentModel":"wikitext","wgRelevantPageName":"Duqu","wgRelevantArticleId":33515297,"wgIsProbablyEditable":true,"wgRelevantPageIsProbablyEditable":true,"wgRestrictionEdit":[],"wgRestrictionMove":[],"wgNoticeProject":"wikipedia","wgCiteReferencePreviewsActive":false,"wgFlaggedRevsParams":{"tags":{"status":{"levels":1}}},"wgMediaViewerOnClick":true,"wgMediaViewerEnabledByDefault":true,"wgPopupsFlags":0,"wgVisualEditor":{"pageLanguageCode":"en","pageLanguageDir":"ltr","pageVariantFallbacks":"en"},"wgMFDisplayWikibaseDescriptions":{"search":true,"watchlist":true,"tagline":false,"nearby":true},"wgWMESchemaEditAttemptStepOversample":false,"wgWMEPageLength":10000,"wgEditSubmitButtonLabelPublish":true,"wgULSPosition":"interlanguage","wgULSisCompactLinksEnabled":false,"wgVector2022LanguageInHeader":true,"wgULSisLanguageSelectorEmpty":false,"wgWikibaseItemId":"Q911654","wgCheckUserClientHintsHeadersJsApi":["brands","architecture","bitness","fullVersionList","mobile","model","platform","platformVersion"],"GEHomepageSuggestedEditsEnableTopics":true,"wgGETopicsMatchModeEnabled":false,"wgGELevelingUpEnabledForUser":false}; RLSTATE={"ext.globalCssJs.user.styles":"ready","site.styles":"ready","user.styles":"ready","ext.globalCssJs.user":"ready","user":"ready","user.options":"loading","ext.cite.styles":"ready","skins.vector.search.codex.styles":"ready","skins.vector.styles":"ready","skins.vector.icons":"ready","jquery.makeCollapsible.styles":"ready","ext.wikimediamessages.styles":"ready","ext.visualEditor.desktopArticleTarget.noscript":"ready","ext.uls.interlanguage":"ready","wikibase.client.init":"ready"};RLPAGEMODULES=["ext.cite.ux-enhancements","site","mediawiki.page.ready","jquery.makeCollapsible","mediawiki.toc","skins.vector.js","ext.centralNotice.geoIP","ext.centralNotice.startUp","ext.gadget.ReferenceTooltips","ext.gadget.switcher","ext.urlShortener.toolbar","ext.centralauth.centralautologin","ext.popups","ext.visualEditor.desktopArticleTarget.init","ext.visualEditor.targetLoader","ext.echo.centralauth","ext.eventLogging","ext.wikimediaEvents","ext.navigationTiming","ext.uls.interface","ext.cx.eventlogging.campaigns","ext.cx.uls.quick.actions","wikibase.client.vector-2022","ext.checkUser.clientHints","ext.quicksurveys.init","ext.growthExperiments.SuggestedEditSession"];</script> <script>(RLQ=window.RLQ||[]).push(function(){mw.loader.impl(function(){return["user.options@12s5i",function($,jQuery,require,module){mw.user.tokens.set({"patrolToken":"+\\","watchToken":"+\\","csrfToken":"+\\"}); }];});});</script> <link rel="stylesheet" href="/w/load.php?lang=en&amp;modules=ext.cite.styles%7Cext.uls.interlanguage%7Cext.visualEditor.desktopArticleTarget.noscript%7Cext.wikimediamessages.styles%7Cjquery.makeCollapsible.styles%7Cskins.vector.icons%2Cstyles%7Cskins.vector.search.codex.styles%7Cwikibase.client.init&amp;only=styles&amp;skin=vector-2022"> <script async="" src="/w/load.php?lang=en&amp;modules=startup&amp;only=scripts&amp;raw=1&amp;skin=vector-2022"></script> <meta name="ResourceLoaderDynamicStyles" content=""> <link rel="stylesheet" href="/w/load.php?lang=en&amp;modules=site.styles&amp;only=styles&amp;skin=vector-2022"> <meta name="generator" content="MediaWiki 1.44.0-wmf.22"> <meta name="referrer" content="origin"> <meta name="referrer" content="origin-when-cross-origin"> <meta name="robots" content="max-image-preview:standard"> <meta name="format-detection" content="telephone=no"> <meta name="viewport" content="width=1120"> <meta property="og:title" content="Duqu - Wikipedia"> <meta property="og:type" content="website"> <link rel="alternate" media="only screen and (max-width: 640px)" href="//en.m.wikipedia.org/wiki/Duqu"> <link rel="alternate" type="application/x-wiki" title="Edit this page" href="/w/index.php?title=Duqu&amp;action=edit"> <link rel="apple-touch-icon" href="/static/apple-touch/wikipedia.png"> <link rel="icon" href="/static/favicon/wikipedia.ico"> <link rel="search" type="application/opensearchdescription+xml" href="/w/rest.php/v1/search" title="Wikipedia (en)"> <link rel="EditURI" type="application/rsd+xml" href="//en.wikipedia.org/w/api.php?action=rsd"> <link rel="canonical" href="https://en.wikipedia.org/wiki/Duqu"> <link rel="license" href="https://creativecommons.org/licenses/by-sa/4.0/deed.en"> <link rel="alternate" type="application/atom+xml" title="Wikipedia Atom feed" href="/w/index.php?title=Special:RecentChanges&amp;feed=atom"> <link rel="dns-prefetch" href="//meta.wikimedia.org" /> <link rel="dns-prefetch" href="auth.wikimedia.org"> </head> <body class="skin--responsive skin-vector skin-vector-search-vue mediawiki ltr sitedir-ltr mw-hide-empty-elt ns-0 ns-subject mw-editable page-Duqu rootpage-Duqu skin-vector-2022 action-view"><a class="mw-jump-link" href="#bodyContent">Jump to content</a> <div class="vector-header-container"> <header class="vector-header mw-header"> <div class="vector-header-start"> <nav class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-dropdown" class="vector-dropdown vector-main-menu-dropdown vector-button-flush-left vector-button-flush-right" title="Main menu" > <input type="checkbox" id="vector-main-menu-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-main-menu-dropdown" class="vector-dropdown-checkbox " aria-label="Main menu" > <label id="vector-main-menu-dropdown-label" for="vector-main-menu-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-menu mw-ui-icon-wikimedia-menu"></span> <span class="vector-dropdown-label-text">Main menu</span> </label> <div class="vector-dropdown-content"> <div id="vector-main-menu-unpinned-container" class="vector-unpinned-container"> <div id="vector-main-menu" class="vector-main-menu vector-pinnable-element"> <div class="vector-pinnable-header vector-main-menu-pinnable-header vector-pinnable-header-unpinned" data-feature-name="main-menu-pinned" data-pinnable-element-id="vector-main-menu" data-pinned-container-id="vector-main-menu-pinned-container" data-unpinned-container-id="vector-main-menu-unpinned-container" > <div class="vector-pinnable-header-label">Main menu</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-main-menu.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-main-menu.unpin">hide</button> </div> <div id="p-navigation" class="vector-menu mw-portlet mw-portlet-navigation" > <div class="vector-menu-heading"> Navigation </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-mainpage-description" class="mw-list-item"><a href="/wiki/Main_Page" title="Visit the main page [z]" accesskey="z"><span>Main page</span></a></li><li id="n-contents" class="mw-list-item"><a href="/wiki/Wikipedia:Contents" title="Guides to browsing Wikipedia"><span>Contents</span></a></li><li id="n-currentevents" class="mw-list-item"><a href="/wiki/Portal:Current_events" title="Articles related to current events"><span>Current events</span></a></li><li id="n-randompage" class="mw-list-item"><a href="/wiki/Special:Random" title="Visit a randomly selected article [x]" accesskey="x"><span>Random article</span></a></li><li id="n-aboutsite" class="mw-list-item"><a href="/wiki/Wikipedia:About" title="Learn about Wikipedia and how it works"><span>About Wikipedia</span></a></li><li id="n-contactpage" class="mw-list-item"><a href="//en.wikipedia.org/wiki/Wikipedia:Contact_us" title="How to contact Wikipedia"><span>Contact us</span></a></li> </ul> </div> </div> <div id="p-interaction" class="vector-menu mw-portlet mw-portlet-interaction" > <div class="vector-menu-heading"> Contribute </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-help" class="mw-list-item"><a href="/wiki/Help:Contents" title="Guidance on how to use and edit Wikipedia"><span>Help</span></a></li><li id="n-introduction" class="mw-list-item"><a href="/wiki/Help:Introduction" title="Learn how to edit Wikipedia"><span>Learn to edit</span></a></li><li id="n-portal" class="mw-list-item"><a href="/wiki/Wikipedia:Community_portal" title="The hub for editors"><span>Community portal</span></a></li><li id="n-recentchanges" class="mw-list-item"><a href="/wiki/Special:RecentChanges" title="A list of recent changes to Wikipedia [r]" accesskey="r"><span>Recent changes</span></a></li><li id="n-upload" class="mw-list-item"><a href="/wiki/Wikipedia:File_upload_wizard" title="Add images or other media for use on Wikipedia"><span>Upload file</span></a></li><li id="n-specialpages" class="mw-list-item"><a href="/wiki/Special:SpecialPages"><span>Special pages</span></a></li> </ul> </div> </div> </div> </div> </div> </div> </nav> <a href="/wiki/Main_Page" class="mw-logo"> <img class="mw-logo-icon" src="/static/images/icons/wikipedia.png" alt="" aria-hidden="true" height="50" width="50"> <span class="mw-logo-container skin-invert"> <img class="mw-logo-wordmark" alt="Wikipedia" src="/static/images/mobile/copyright/wikipedia-wordmark-en.svg" style="width: 7.5em; height: 1.125em;"> <img class="mw-logo-tagline" alt="The Free Encyclopedia" src="/static/images/mobile/copyright/wikipedia-tagline-en.svg" width="117" height="13" style="width: 7.3125em; height: 0.8125em;"> </span> </a> </div> <div class="vector-header-end"> <div id="p-search" role="search" class="vector-search-box-vue vector-search-box-collapses vector-search-box-show-thumbnail vector-search-box-auto-expand-width vector-search-box"> <a href="/wiki/Special:Search" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only search-toggle" title="Search Wikipedia [f]" accesskey="f"><span class="vector-icon mw-ui-icon-search mw-ui-icon-wikimedia-search"></span> <span>Search</span> </a> <div class="vector-typeahead-search-container"> <div class="cdx-typeahead-search cdx-typeahead-search--show-thumbnail cdx-typeahead-search--auto-expand-width"> <form action="/w/index.php" id="searchform" class="cdx-search-input cdx-search-input--has-end-button"> <div id="simpleSearch" class="cdx-search-input__input-wrapper" data-search-loc="header-moved"> <div class="cdx-text-input cdx-text-input--has-start-icon"> <input class="cdx-text-input__input" type="search" name="search" placeholder="Search Wikipedia" aria-label="Search Wikipedia" autocapitalize="sentences" title="Search Wikipedia [f]" accesskey="f" id="searchInput" > <span class="cdx-text-input__icon cdx-text-input__start-icon"></span> </div> <input type="hidden" name="title" value="Special:Search"> </div> <button class="cdx-button cdx-search-input__end-button">Search</button> </form> </div> </div> </div> <nav class="vector-user-links vector-user-links-wide" aria-label="Personal tools"> <div class="vector-user-links-main"> <div id="p-vector-user-menu-preferences" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <div id="p-vector-user-menu-userpage" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-dropdown" class="vector-dropdown " title="Change the appearance of the page&#039;s font size, width, and color" > <input type="checkbox" id="vector-appearance-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-appearance-dropdown" class="vector-dropdown-checkbox " aria-label="Appearance" > <label id="vector-appearance-dropdown-label" for="vector-appearance-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-appearance mw-ui-icon-wikimedia-appearance"></span> <span class="vector-dropdown-label-text">Appearance</span> </label> <div class="vector-dropdown-content"> <div id="vector-appearance-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <div id="p-vector-user-menu-notifications" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <div id="p-vector-user-menu-overflow" class="vector-menu mw-portlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="https://donate.wikimedia.org/?wmf_source=donate&amp;wmf_medium=sidebar&amp;wmf_campaign=en.wikipedia.org&amp;uselang=en" class=""><span>Donate</span></a> </li> <li id="pt-createaccount-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:CreateAccount&amp;returnto=Duqu" title="You are encouraged to create an account and log in; however, it is not mandatory" class=""><span>Create account</span></a> </li> <li id="pt-login-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:UserLogin&amp;returnto=Duqu" title="You&#039;re encouraged to log in; however, it&#039;s not mandatory. [o]" accesskey="o" class=""><span>Log in</span></a> </li> </ul> </div> </div> </div> <div id="vector-user-links-dropdown" class="vector-dropdown vector-user-menu vector-button-flush-right vector-user-menu-logged-out" title="Log in and more options" > <input type="checkbox" id="vector-user-links-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-user-links-dropdown" class="vector-dropdown-checkbox " aria-label="Personal tools" > <label id="vector-user-links-dropdown-label" for="vector-user-links-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-ellipsis mw-ui-icon-wikimedia-ellipsis"></span> <span class="vector-dropdown-label-text">Personal tools</span> </label> <div class="vector-dropdown-content"> <div id="p-personal" class="vector-menu mw-portlet mw-portlet-personal user-links-collapsible-item" title="User menu" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport" class="user-links-collapsible-item mw-list-item"><a href="https://donate.wikimedia.org/?wmf_source=donate&amp;wmf_medium=sidebar&amp;wmf_campaign=en.wikipedia.org&amp;uselang=en"><span>Donate</span></a></li><li id="pt-createaccount" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:CreateAccount&amp;returnto=Duqu" title="You are encouraged to create an account and log in; however, it is not mandatory"><span class="vector-icon mw-ui-icon-userAdd mw-ui-icon-wikimedia-userAdd"></span> <span>Create account</span></a></li><li id="pt-login" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:UserLogin&amp;returnto=Duqu" title="You&#039;re encouraged to log in; however, it&#039;s not mandatory. [o]" accesskey="o"><span class="vector-icon mw-ui-icon-logIn mw-ui-icon-wikimedia-logIn"></span> <span>Log in</span></a></li> </ul> </div> </div> <div id="p-user-menu-anon-editor" class="vector-menu mw-portlet mw-portlet-user-menu-anon-editor" > <div class="vector-menu-heading"> Pages for logged out editors <a href="/wiki/Help:Introduction" aria-label="Learn more about editing"><span>learn more</span></a> </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-anoncontribs" class="mw-list-item"><a href="/wiki/Special:MyContributions" title="A list of edits made from this IP address [y]" accesskey="y"><span>Contributions</span></a></li><li id="pt-anontalk" class="mw-list-item"><a href="/wiki/Special:MyTalk" title="Discussion about edits from this IP address [n]" accesskey="n"><span>Talk</span></a></li> </ul> </div> </div> </div> </div> </nav> </div> </header> </div> <div class="mw-page-container"> <div class="mw-page-container-inner"> <div class="vector-sitenotice-container"> <div id="siteNotice"><!-- CentralNotice --></div> </div> <div class="vector-column-start"> <div class="vector-main-menu-container"> <div id="mw-navigation"> <nav id="mw-panel" class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-pinned-container" class="vector-pinned-container"> </div> </nav> </div> </div> <div class="vector-sticky-pinned-container"> <nav id="mw-panel-toc" aria-label="Contents" data-event-name="ui.sidebar-toc" class="mw-table-of-contents-container vector-toc-landmark"> <div id="vector-toc-pinned-container" class="vector-pinned-container"> <div id="vector-toc" class="vector-toc vector-pinnable-element"> <div class="vector-pinnable-header vector-toc-pinnable-header vector-pinnable-header-pinned" data-feature-name="toc-pinned" data-pinnable-element-id="vector-toc" > <h2 class="vector-pinnable-header-label">Contents</h2> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-toc.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-toc.unpin">hide</button> </div> <ul class="vector-toc-contents" id="mw-panel-toc-list"> <li id="toc-mw-content-text" class="vector-toc-list-item vector-toc-level-1"> <a href="#" class="vector-toc-link"> <div class="vector-toc-text">(Top)</div> </a> </li> <li id="toc-Nomenclature" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Nomenclature"> <div class="vector-toc-text"> <span class="vector-toc-numb">1</span> <span>Nomenclature</span> </div> </a> <ul id="toc-Nomenclature-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Relationship_to_Stuxnet" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Relationship_to_Stuxnet"> <div class="vector-toc-text"> <span class="vector-toc-numb">2</span> <span>Relationship to Stuxnet</span> </div> </a> <ul id="toc-Relationship_to_Stuxnet-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Microsoft_Word_zero-day_exploit" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Microsoft_Word_zero-day_exploit"> <div class="vector-toc-text"> <span class="vector-toc-numb">3</span> <span>Microsoft Word zero-day exploit</span> </div> </a> <ul id="toc-Microsoft_Word_zero-day_exploit-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Purpose" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Purpose"> <div class="vector-toc-text"> <span class="vector-toc-numb">4</span> <span>Purpose</span> </div> </a> <ul id="toc-Purpose-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Command_and_control_servers" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Command_and_control_servers"> <div class="vector-toc-text"> <span class="vector-toc-numb">5</span> <span>Command and control servers</span> </div> </a> <ul id="toc-Command_and_control_servers-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-See_also" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#See_also"> <div class="vector-toc-text"> <span class="vector-toc-numb">6</span> <span>See also</span> </div> </a> <ul id="toc-See_also-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-References" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#References"> <div class="vector-toc-text"> <span class="vector-toc-numb">7</span> <span>References</span> </div> </a> <ul id="toc-References-sublist" class="vector-toc-list"> </ul> </li> </ul> </div> </div> </nav> </div> </div> <div class="mw-content-container"> <main id="content" class="mw-body"> <header class="mw-body-header vector-page-titlebar"> <nav aria-label="Contents" class="vector-toc-landmark"> <div id="vector-page-titlebar-toc" class="vector-dropdown vector-page-titlebar-toc vector-button-flush-left" title="Table of Contents" > <input type="checkbox" id="vector-page-titlebar-toc-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-titlebar-toc" class="vector-dropdown-checkbox " aria-label="Toggle the table of contents" > <label id="vector-page-titlebar-toc-label" for="vector-page-titlebar-toc-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-listBullet mw-ui-icon-wikimedia-listBullet"></span> <span class="vector-dropdown-label-text">Toggle the table of contents</span> </label> <div class="vector-dropdown-content"> <div id="vector-page-titlebar-toc-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <h1 id="firstHeading" class="firstHeading mw-first-heading"><span class="mw-page-title-main">Duqu</span></h1> <div id="p-lang-btn" class="vector-dropdown mw-portlet mw-portlet-lang" > <input type="checkbox" id="p-lang-btn-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-p-lang-btn" class="vector-dropdown-checkbox mw-interlanguage-selector" aria-label="Go to an article in another language. Available in 10 languages" > <label id="p-lang-btn-label" for="p-lang-btn-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--action-progressive mw-portlet-lang-heading-10" aria-hidden="true" ><span class="vector-icon mw-ui-icon-language-progressive mw-ui-icon-wikimedia-language-progressive"></span> <span class="vector-dropdown-label-text">10 languages</span> </label> <div class="vector-dropdown-content"> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li class="interlanguage-link interwiki-de mw-list-item"><a href="https://de.wikipedia.org/wiki/Duqu" title="Duqu – German" lang="de" hreflang="de" data-title="Duqu" data-language-autonym="Deutsch" data-language-local-name="German" class="interlanguage-link-target"><span>Deutsch</span></a></li><li class="interlanguage-link interwiki-es mw-list-item"><a href="https://es.wikipedia.org/wiki/Duqu" title="Duqu – Spanish" lang="es" hreflang="es" data-title="Duqu" data-language-autonym="Español" data-language-local-name="Spanish" class="interlanguage-link-target"><span>Español</span></a></li><li class="interlanguage-link interwiki-fa mw-list-item"><a href="https://fa.wikipedia.org/wiki/%D8%AF%D9%88%DA%A9%DB%8C%D9%88" title="دوکیو – Persian" lang="fa" hreflang="fa" data-title="دوکیو" data-language-autonym="فارسی" data-language-local-name="Persian" class="interlanguage-link-target"><span>فارسی</span></a></li><li class="interlanguage-link interwiki-fr mw-list-item"><a href="https://fr.wikipedia.org/wiki/Duqu" title="Duqu – French" lang="fr" hreflang="fr" data-title="Duqu" data-language-autonym="Français" data-language-local-name="French" class="interlanguage-link-target"><span>Français</span></a></li><li class="interlanguage-link interwiki-he mw-list-item"><a href="https://he.wikipedia.org/wiki/%D7%93%D7%95%D7%A7%D7%95_(%D7%A0%D7%95%D7%96%D7%A7%D7%94)" title="דוקו (נוזקה) – Hebrew" lang="he" hreflang="he" data-title="דוקו (נוזקה)" data-language-autonym="עברית" data-language-local-name="Hebrew" class="interlanguage-link-target"><span>עברית</span></a></li><li class="interlanguage-link interwiki-hu mw-list-item"><a href="https://hu.wikipedia.org/wiki/Duqu" title="Duqu – Hungarian" lang="hu" hreflang="hu" data-title="Duqu" data-language-autonym="Magyar" data-language-local-name="Hungarian" class="interlanguage-link-target"><span>Magyar</span></a></li><li class="interlanguage-link interwiki-ru mw-list-item"><a href="https://ru.wikipedia.org/wiki/Duqu" title="Duqu – Russian" lang="ru" hreflang="ru" data-title="Duqu" data-language-autonym="Русский" data-language-local-name="Russian" class="interlanguage-link-target"><span>Русский</span></a></li><li class="interlanguage-link interwiki-fi mw-list-item"><a href="https://fi.wikipedia.org/wiki/Duqu" title="Duqu – Finnish" lang="fi" hreflang="fi" data-title="Duqu" data-language-autonym="Suomi" data-language-local-name="Finnish" class="interlanguage-link-target"><span>Suomi</span></a></li><li class="interlanguage-link interwiki-tr mw-list-item"><a href="https://tr.wikipedia.org/wiki/Duqu" title="Duqu – Turkish" lang="tr" hreflang="tr" data-title="Duqu" data-language-autonym="Türkçe" data-language-local-name="Turkish" class="interlanguage-link-target"><span>Türkçe</span></a></li><li class="interlanguage-link interwiki-uk mw-list-item"><a href="https://uk.wikipedia.org/wiki/Duqu" title="Duqu – Ukrainian" lang="uk" hreflang="uk" data-title="Duqu" data-language-autonym="Українська" data-language-local-name="Ukrainian" class="interlanguage-link-target"><span>Українська</span></a></li> </ul> <div class="after-portlet after-portlet-lang"><span class="wb-langlinks-edit wb-langlinks-link"><a href="https://www.wikidata.org/wiki/Special:EntityPage/Q911654#sitelinks-wikipedia" title="Edit interlanguage links" class="wbc-editpage">Edit links</a></span></div> </div> </div> </div> </header> <div class="vector-page-toolbar"> <div class="vector-page-toolbar-container"> <div id="left-navigation"> <nav aria-label="Namespaces"> <div id="p-associated-pages" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-associated-pages" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-nstab-main" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/Duqu" title="View the content page [c]" accesskey="c"><span>Article</span></a></li><li id="ca-talk" class="vector-tab-noicon mw-list-item"><a href="/wiki/Talk:Duqu" rel="discussion" title="Discuss improvements to the content page [t]" accesskey="t"><span>Talk</span></a></li> </ul> </div> </div> <div id="vector-variants-dropdown" class="vector-dropdown emptyPortlet" > <input type="checkbox" id="vector-variants-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-variants-dropdown" class="vector-dropdown-checkbox " aria-label="Change language variant" > <label id="vector-variants-dropdown-label" for="vector-variants-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" ><span class="vector-dropdown-label-text">English</span> </label> <div class="vector-dropdown-content"> <div id="p-variants" class="vector-menu mw-portlet mw-portlet-variants emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> </div> </div> </nav> </div> <div id="right-navigation" class="vector-collapsible"> <nav aria-label="Views"> <div id="p-views" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-views" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-view" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/Duqu"><span>Read</span></a></li><li id="ca-edit" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=Duqu&amp;action=edit" title="Edit this page [e]" accesskey="e"><span>Edit</span></a></li><li id="ca-history" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=Duqu&amp;action=history" title="Past revisions of this page [h]" accesskey="h"><span>View history</span></a></li> </ul> </div> </div> </nav> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-dropdown" class="vector-dropdown vector-page-tools-dropdown" > <input type="checkbox" id="vector-page-tools-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-tools-dropdown" class="vector-dropdown-checkbox " aria-label="Tools" > <label id="vector-page-tools-dropdown-label" for="vector-page-tools-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" ><span class="vector-dropdown-label-text">Tools</span> </label> <div class="vector-dropdown-content"> <div id="vector-page-tools-unpinned-container" class="vector-unpinned-container"> <div id="vector-page-tools" class="vector-page-tools vector-pinnable-element"> <div class="vector-pinnable-header vector-page-tools-pinnable-header vector-pinnable-header-unpinned" data-feature-name="page-tools-pinned" data-pinnable-element-id="vector-page-tools" data-pinned-container-id="vector-page-tools-pinned-container" data-unpinned-container-id="vector-page-tools-unpinned-container" > <div class="vector-pinnable-header-label">Tools</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-page-tools.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-page-tools.unpin">hide</button> </div> <div id="p-cactions" class="vector-menu mw-portlet mw-portlet-cactions emptyPortlet vector-has-collapsible-items" title="More options" > <div class="vector-menu-heading"> Actions </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-more-view" class="selected vector-more-collapsible-item mw-list-item"><a href="/wiki/Duqu"><span>Read</span></a></li><li id="ca-more-edit" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=Duqu&amp;action=edit" title="Edit this page [e]" accesskey="e"><span>Edit</span></a></li><li id="ca-more-history" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=Duqu&amp;action=history"><span>View history</span></a></li> </ul> </div> </div> <div id="p-tb" class="vector-menu mw-portlet mw-portlet-tb" > <div class="vector-menu-heading"> General </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="t-whatlinkshere" class="mw-list-item"><a href="/wiki/Special:WhatLinksHere/Duqu" title="List of all English Wikipedia pages containing links to this page [j]" accesskey="j"><span>What links here</span></a></li><li id="t-recentchangeslinked" class="mw-list-item"><a href="/wiki/Special:RecentChangesLinked/Duqu" rel="nofollow" title="Recent changes in pages linked from this page [k]" accesskey="k"><span>Related changes</span></a></li><li id="t-upload" class="mw-list-item"><a href="//en.wikipedia.org/wiki/Wikipedia:File_Upload_Wizard" title="Upload files [u]" accesskey="u"><span>Upload file</span></a></li><li id="t-permalink" class="mw-list-item"><a href="/w/index.php?title=Duqu&amp;oldid=1283270442" title="Permanent link to this revision of this page"><span>Permanent link</span></a></li><li id="t-info" class="mw-list-item"><a href="/w/index.php?title=Duqu&amp;action=info" title="More information about this page"><span>Page information</span></a></li><li id="t-cite" class="mw-list-item"><a href="/w/index.php?title=Special:CiteThisPage&amp;page=Duqu&amp;id=1283270442&amp;wpFormIdentifier=titleform" title="Information on how to cite this page"><span>Cite this page</span></a></li><li id="t-urlshortener" class="mw-list-item"><a href="/w/index.php?title=Special:UrlShortener&amp;url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FDuqu"><span>Get shortened URL</span></a></li><li id="t-urlshortener-qrcode" class="mw-list-item"><a href="/w/index.php?title=Special:QrCode&amp;url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FDuqu"><span>Download QR code</span></a></li> </ul> </div> </div> <div id="p-coll-print_export" class="vector-menu mw-portlet mw-portlet-coll-print_export" > <div class="vector-menu-heading"> Print/export </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="coll-download-as-rl" class="mw-list-item"><a href="/w/index.php?title=Special:DownloadAsPdf&amp;page=Duqu&amp;action=show-download-screen" title="Download this page as a PDF file"><span>Download as PDF</span></a></li><li id="t-print" class="mw-list-item"><a href="/w/index.php?title=Duqu&amp;printable=yes" title="Printable version of this page [p]" accesskey="p"><span>Printable version</span></a></li> </ul> </div> </div> <div id="p-wikibase-otherprojects" class="vector-menu mw-portlet mw-portlet-wikibase-otherprojects" > <div class="vector-menu-heading"> In other projects </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="t-wikibase" class="wb-otherproject-link wb-otherproject-wikibase-dataitem mw-list-item"><a href="https://www.wikidata.org/wiki/Special:EntityPage/Q911654" title="Structured data on this page hosted by Wikidata [g]" accesskey="g"><span>Wikidata item</span></a></li> </ul> </div> </div> </div> </div> </div> </div> </nav> </div> </div> </div> <div class="vector-column-end"> <div class="vector-sticky-pinned-container"> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-pinned-container" class="vector-pinned-container"> </div> </nav> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-pinned-container" class="vector-pinned-container"> <div id="vector-appearance" class="vector-appearance vector-pinnable-element"> <div class="vector-pinnable-header vector-appearance-pinnable-header vector-pinnable-header-pinned" data-feature-name="appearance-pinned" data-pinnable-element-id="vector-appearance" data-pinned-container-id="vector-appearance-pinned-container" data-unpinned-container-id="vector-appearance-unpinned-container" > <div class="vector-pinnable-header-label">Appearance</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-appearance.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-appearance.unpin">hide</button> </div> </div> </div> </nav> </div> </div> <div id="bodyContent" class="vector-body" aria-labelledby="firstHeading" data-mw-ve-target-container> <div class="vector-body-before-content"> <div class="mw-indicators"> </div> <div id="siteSub" class="noprint">From Wikipedia, the free encyclopedia</div> </div> <div id="contentSub"><div id="mw-content-subtitle"></div></div> <div id="mw-content-text" class="mw-body-content"><div class="mw-content-ltr mw-parser-output" lang="en" dir="ltr"><div class="shortdescription nomobile noexcerpt noprint searchaux" style="display:none">Collection of computer malware discovered in 2011</div> <style data-mw-deduplicate="TemplateStyles:r1236090951">.mw-parser-output .hatnote{font-style:italic}.mw-parser-output div.hatnote{padding-left:1.6em;margin-bottom:0.5em}.mw-parser-output .hatnote i{font-style:normal}.mw-parser-output .hatnote+link+.hatnote{margin-top:-0.5em}@media print{body.ns-0 .mw-parser-output .hatnote{display:none!important}}</style><div role="note" class="hatnote navigation-not-searchable">For the version of malware announced in 2015, see <a href="/wiki/Duqu_2.0" title="Duqu 2.0">Duqu 2.0</a>.</div> <p> <b>Duqu</b> is a collection of computer <a href="/wiki/Malware" title="Malware">malware</a> discovered on 1 September 2011, thought by <a href="/wiki/Kaspersky_Labs" class="mw-redirect" title="Kaspersky Labs">Kaspersky Labs</a> to be related to the <a href="/wiki/Stuxnet" title="Stuxnet">Stuxnet</a> worm<sup id="cite_ref-1" class="reference"><a href="#cite_note-1"><span class="cite-bracket">&#91;</span>1<span class="cite-bracket">&#93;</span></a></sup> and to have been created by <a href="/wiki/Unit_8200" title="Unit 8200">Unit 8200</a>.<sup id="cite_ref-2" class="reference"><a href="#cite_note-2"><span class="cite-bracket">&#91;</span>2<span class="cite-bracket">&#93;</span></a></sup><sup id="cite_ref-3" class="reference"><a href="#cite_note-3"><span class="cite-bracket">&#91;</span>3<span class="cite-bracket">&#93;</span></a></sup> Duqu has exploited <a href="/wiki/Microsoft_Windows" title="Microsoft Windows">Microsoft Windows</a>'s <a href="/wiki/Zero_day_vulnerability" class="mw-redirect" title="Zero day vulnerability">zero-day vulnerability</a>. The Laboratory of Cryptography and System Security (<a href="/wiki/CrySyS_Lab" title="CrySyS Lab">CrySyS Lab</a>)<sup id="cite_ref-4" class="reference"><a href="#cite_note-4"><span class="cite-bracket">&#91;</span>4<span class="cite-bracket">&#93;</span></a></sup> of the <a href="/wiki/Budapest_University_of_Technology_and_Economics" title="Budapest University of Technology and Economics">Budapest University of Technology and Economics</a> in <a href="/wiki/Hungary" title="Hungary">Hungary</a> discovered the threat, analysed the malware, and wrote a 60-page report<sup id="cite_ref-5" class="reference"><a href="#cite_note-5"><span class="cite-bracket">&#91;</span>5<span class="cite-bracket">&#93;</span></a></sup> naming the threat Duqu.<sup id="cite_ref-6" class="reference"><a href="#cite_note-6"><span class="cite-bracket">&#91;</span>6<span class="cite-bracket">&#93;</span></a></sup> Duqu got its name from the prefix "~DQ" it gives to the names of files it creates.<sup id="cite_ref-syamantecduqu_7-0" class="reference"><a href="#cite_note-syamantecduqu-7"><span class="cite-bracket">&#91;</span>7<span class="cite-bracket">&#93;</span></a></sup> </p> <meta property="mw:PageProp/toc" /> <div class="mw-heading mw-heading2"><h2 id="Nomenclature">Nomenclature</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Duqu&amp;action=edit&amp;section=1" title="Edit section: Nomenclature"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>The term Duqu is used in a variety of ways: </p> <ul><li><b>Duqu malware</b> is a variety of software components that together provide services to the attackers. Currently this includes information stealing capabilities and in the background, kernel drivers and injection tools. Part of this malware is written in unknown high-level programming language,<sup id="cite_ref-8" class="reference"><a href="#cite_note-8"><span class="cite-bracket">&#91;</span>8<span class="cite-bracket">&#93;</span></a></sup> dubbed "Duqu framework". It is not C++, Python, Ada, Lua and many other checked languages. However, it is suggested that Duqu may have been written in <a href="/wiki/C_(programming_language)" title="C (programming language)">C</a> with a custom <a href="/wiki/Object-oriented_programming" title="Object-oriented programming">object oriented</a> framework and compiled in <a href="/wiki/Microsoft_Visual_Studio_2008" class="mw-redirect" title="Microsoft Visual Studio 2008">Microsoft Visual Studio 2008</a>.<sup id="cite_ref-9" class="reference"><a href="#cite_note-9"><span class="cite-bracket">&#91;</span>9<span class="cite-bracket">&#93;</span></a></sup></li> <li><b>Duqu flaw</b> is the flaw in Microsoft Windows that is used in malicious files to execute malware components of Duqu. Currently one flaw is known, a <a href="/wiki/TrueType" title="TrueType">TrueType</a>-font related problem in <style data-mw-deduplicate="TemplateStyles:r886049734">.mw-parser-output .monospaced{font-family:monospace,monospace}</style><span class="monospaced">win32k.sys</span>.</li> <li><b>Operation Duqu</b> is the process of only using Duqu for unknown goals. The operation might be related to Operation Stuxnet.</li></ul> <div class="mw-heading mw-heading2"><h2 id="Relationship_to_Stuxnet">Relationship to Stuxnet</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Duqu&amp;action=edit&amp;section=2" title="Edit section: Relationship to Stuxnet"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p><a href="/wiki/NortonLifeLock" class="mw-redirect" title="NortonLifeLock">Symantec</a>, based on the CrySyS team managed by Dr Thibault Gainche report, continued the analysis of the threat, which it called "nearly identical to Stuxnet, but with a completely different purpose", and published a detailed technical paper on it with a cut-down version of the original lab report as an appendix.<sup id="cite_ref-syamantecduqu_7-1" class="reference"><a href="#cite_note-syamantecduqu-7"><span class="cite-bracket">&#91;</span>7<span class="cite-bracket">&#93;</span></a></sup><sup id="cite_ref-Son_of_Stuxnet_10-0" class="reference"><a href="#cite_note-Son_of_Stuxnet-10"><span class="cite-bracket">&#91;</span>10<span class="cite-bracket">&#93;</span></a></sup> Symantec believes that Duqu was created by the same authors as <a href="/wiki/Stuxnet" title="Stuxnet">Stuxnet</a>, or that the authors had access to the source code of Stuxnet. The worm, like Stuxnet, has a valid, but abused <a href="/wiki/Digital_signature" title="Digital signature">digital signature</a>, and collects information to prepare for future attacks.<sup id="cite_ref-syamantecduqu_7-2" class="reference"><a href="#cite_note-syamantecduqu-7"><span class="cite-bracket">&#91;</span>7<span class="cite-bracket">&#93;</span></a></sup><sup id="cite_ref-11" class="reference"><a href="#cite_note-11"><span class="cite-bracket">&#91;</span>11<span class="cite-bracket">&#93;</span></a></sup> </p><p><a href="/wiki/Mikko_Hypp%C3%B6nen" title="Mikko Hyppönen">Mikko Hyppönen</a>, Chief Research Officer for <a href="/wiki/F-Secure" title="F-Secure">F-Secure</a>, said that Duqu's kernel driver, <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r886049734" /><span class="monospaced">JMINET7.SYS</span>, was so similar to Stuxnet's <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r886049734" /><span class="monospaced">MRXCLS.SYS</span> that F-Secure's back-end system thought it was Stuxnet. Hyppönen further said that the key used to make Duqu's own digital signature (only observed in one case) was stolen from <a href="/wiki/C-Media" title="C-Media">C-Media</a>, located in Taipei, Taiwan. The certificates were due to expire on 2 August 2012 but were revoked on 14 October 2011 according to Symantec.<sup id="cite_ref-Son_of_Stuxnet_10-1" class="reference"><a href="#cite_note-Son_of_Stuxnet-10"><span class="cite-bracket">&#91;</span>10<span class="cite-bracket">&#93;</span></a></sup> </p><p>Another source, <a href="/wiki/Dell_SecureWorks" class="mw-redirect" title="Dell SecureWorks">Dell SecureWorks</a>, reports that Duqu may not be related to Stuxnet.<sup id="cite_ref-12" class="reference"><a href="#cite_note-12"><span class="cite-bracket">&#91;</span>12<span class="cite-bracket">&#93;</span></a></sup> However, there is considerable and growing evidence that Duqu is closely related to Stuxnet. </p><p>Experts compared the similarities and found three points of interest: </p> <ul><li>The installer exploits <a href="/wiki/Zero-day_attack" class="mw-redirect" title="Zero-day attack">zero-day</a> Windows kernel vulnerabilities.</li> <li>Components are signed with stolen digital keys.</li> <li>Duqu and Stuxnet are both highly targeted and related to the nuclear program of Iran.</li></ul> <div class="mw-heading mw-heading2"><h2 id="Microsoft_Word_zero-day_exploit">Microsoft Word zero-day exploit</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Duqu&amp;action=edit&amp;section=3" title="Edit section: Microsoft Word zero-day exploit"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>Like <a href="/wiki/Stuxnet" title="Stuxnet">Stuxnet</a>, Duqu attacks <a href="/wiki/Microsoft_Windows" title="Microsoft Windows">Microsoft Windows</a> systems using a <a href="/wiki/Zero-day_vulnerability" title="Zero-day vulnerability">zero-day vulnerability</a>. The first-known installer (AKA dropper) file recovered and disclosed by CrySyS Lab uses a <a href="/wiki/Microsoft_Word" title="Microsoft Word">Microsoft Word</a> document that exploits the Win32k <a href="/wiki/TrueType_font" class="mw-redirect" title="TrueType font">TrueType font</a> parsing engine and allows execution.<sup id="cite_ref-13" class="reference"><a href="#cite_note-13"><span class="cite-bracket">&#91;</span>13<span class="cite-bracket">&#93;</span></a></sup> The Duqu dropper relates to font embedding, and thus relates to the workaround to restrict access to <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r886049734" /><span class="monospaced">T2EMBED.DLL</span>, which is a TrueType font parsing engine if the patch released by Microsoft in December 2011 is not yet installed.<sup id="cite_ref-14" class="reference"><a href="#cite_note-14"><span class="cite-bracket">&#91;</span>14<span class="cite-bracket">&#93;</span></a></sup> Microsoft identifier for the threat is MS11-087 (first advisory issued on 13 November 2011).<sup id="cite_ref-15" class="reference"><a href="#cite_note-15"><span class="cite-bracket">&#91;</span>15<span class="cite-bracket">&#93;</span></a></sup> </p> <div class="mw-heading mw-heading2"><h2 id="Purpose">Purpose</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Duqu&amp;action=edit&amp;section=4" title="Edit section: Purpose"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>Duqu looks for information that could be useful in attacking <a href="/wiki/Industrial_control_systems" class="mw-redirect" title="Industrial control systems">industrial control systems</a>. Its purpose is not to be destructive; the known components are trying to gather information.<sup id="cite_ref-16" class="reference"><a href="#cite_note-16"><span class="cite-bracket">&#91;</span>16<span class="cite-bracket">&#93;</span></a></sup> However, based on the modular structure of Duqu, special payload could be used to attack any type of computer system by any means and thus cyber-physical attacks based on Duqu might be possible. However, use of personal computer systems has been found to delete all recent information entered on the system, and in some cases total deletion of the computer's hard drive. Internal communications of Duqu are analysed by Symantec,<sup id="cite_ref-syamantecduqu_7-3" class="reference"><a href="#cite_note-syamantecduqu-7"><span class="cite-bracket">&#91;</span>7<span class="cite-bracket">&#93;</span></a></sup> but the actual and exact method how it replicates inside an attacked network is not yet fully known. </p><p>According to <a href="/wiki/McAfee" title="McAfee">McAfee</a>, one of Duqu's actions is to steal digital certificates (and corresponding private keys, as used in <a href="/wiki/Public-key_cryptography" title="Public-key cryptography">public-key cryptography</a>) from attacked computers to help future viruses appear as secure software.<sup id="cite_ref-17" class="reference"><a href="#cite_note-17"><span class="cite-bracket">&#91;</span>17<span class="cite-bracket">&#93;</span></a></sup> Duqu uses a 54×54 pixel <a href="/wiki/JPEG" title="JPEG">JPEG</a> file and encrypted dummy files as containers to smuggle data to its command and control center. Security experts are still analyzing the code to determine what information the communications contain. Initial research indicates that the original malware sample automatically removes itself after 36 days (the malware stores this setting in configuration files), which would limit its detection.<sup id="cite_ref-Son_of_Stuxnet_10-2" class="reference"><a href="#cite_note-Son_of_Stuxnet-10"><span class="cite-bracket">&#91;</span>10<span class="cite-bracket">&#93;</span></a></sup> </p><p>Key points are: </p> <ul><li>Executables developed after Stuxnet using the Stuxnet source code that have been discovered.</li> <li>The executables are designed to capture information such as keystrokes and system information.</li> <li>Current analysis shows no code related to industrial control systems, exploits, or self-replication.</li> <li>The executables have been found in a limited number of organizations, including those involved in the manufacturing of industrial control systems.</li> <li>The exfiltrated data may be used to enable a future Stuxnet-like attack, or might already have been used as the basis for the Stuxnet attack.</li></ul> <div class="mw-heading mw-heading2"><h2 id="Command_and_control_servers">Command and control servers</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Duqu&amp;action=edit&amp;section=5" title="Edit section: Command and control servers"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>Some of the <a href="/wiki/Command_and_control_server" class="mw-redirect" title="Command and control server">command and control servers</a> of Duqu have been analysed. It seems that the people running the attack had a predilection for <a href="/wiki/CentOS" title="CentOS">CentOS</a> 5.x servers, leading some researchers to believe that they had a<sup id="cite_ref-Suspected_Vulnerability_18-0" class="reference"><a href="#cite_note-Suspected_Vulnerability-18"><span class="cite-bracket">&#91;</span>18<span class="cite-bracket">&#93;</span></a></sup> <a href="/wiki/Zero-day_exploit" class="mw-redirect" title="Zero-day exploit">zero-day exploit</a> for it. Servers are scattered in many different countries, including <a href="/wiki/Germany" title="Germany">Germany</a>, <a href="/wiki/Belgium" title="Belgium">Belgium</a>, <a href="/wiki/Philippines" title="Philippines">Philippines</a>, <a href="/wiki/India" title="India">India</a> and <a href="/wiki/China" title="China">China</a>. <a href="/wiki/Kaspersky_Lab" title="Kaspersky Lab">Kaspersky</a> has published multiple blogposts on the command and control servers.<sup id="cite_ref-19" class="reference"><a href="#cite_note-19"><span class="cite-bracket">&#91;</span>19<span class="cite-bracket">&#93;</span></a></sup> </p> <div class="mw-heading mw-heading2"><h2 id="See_also">See also</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Duqu&amp;action=edit&amp;section=6" title="Edit section: See also"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <style data-mw-deduplicate="TemplateStyles:r1184024115">.mw-parser-output .div-col{margin-top:0.3em;column-width:30em}.mw-parser-output .div-col-small{font-size:90%}.mw-parser-output .div-col-rules{column-rule:1px solid #aaa}.mw-parser-output .div-col dl,.mw-parser-output .div-col ol,.mw-parser-output .div-col ul{margin-top:0}.mw-parser-output .div-col li,.mw-parser-output .div-col dd{page-break-inside:avoid;break-inside:avoid-column}</style><div class="div-col"> <ul><li><a href="/w/index.php?title=Cyber_electronic_warfare&amp;action=edit&amp;redlink=1" class="new" title="Cyber electronic warfare (page does not exist)">Cyber electronic warfare</a></li> <li><a href="/wiki/Cyber_security_standards" class="mw-redirect" title="Cyber security standards">Cyber security standards</a></li> <li><a href="/wiki/Cyberwarfare_in_the_United_States" class="mw-redirect" title="Cyberwarfare in the United States">Cyberwarfare in the United States</a></li> <li><a href="/wiki/Cyberweapon" title="Cyberweapon">Cyberweapon</a></li> <li><a href="/wiki/Flame_(malware)" title="Flame (malware)">Flame (malware)</a></li> <li><a href="/wiki/List_of_cyber_attack_threat_trends" class="mw-redirect" title="List of cyber attack threat trends">List of cyber attack threat trends</a></li> <li><a href="/wiki/Mahdi_(malware)" title="Mahdi (malware)">Mahdi (malware)</a></li> <li><a href="/wiki/Moonlight_Maze" title="Moonlight Maze">Moonlight Maze</a></li> <li><a href="/wiki/Operation_High_Roller" title="Operation High Roller">Operation High Roller</a></li> <li><a href="/wiki/Operation_Merlin" title="Operation Merlin">Operation Merlin</a></li> <li><a href="/wiki/Proactive_Cyber_Defence" class="mw-redirect" title="Proactive Cyber Defence">Proactive Cyber Defence</a></li> <li><a href="/wiki/Stars_virus" title="Stars virus">Stars virus</a></li> <li><a href="/wiki/Titan_Rain" title="Titan Rain">Titan Rain</a></li> <li><a href="/wiki/United_States_Cyber_Command" title="United States Cyber Command">United States Cyber Command</a></li> <li><a href="/wiki/Unit_8200" title="Unit 8200">Unit 8200</a></li></ul> </div> <div class="mw-heading mw-heading2"><h2 id="References">References</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Duqu&amp;action=edit&amp;section=7" title="Edit section: References"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <style data-mw-deduplicate="TemplateStyles:r1239543626">.mw-parser-output .reflist{margin-bottom:0.5em;list-style-type:decimal}@media screen{.mw-parser-output .reflist{font-size:90%}}.mw-parser-output .reflist .references{font-size:100%;margin-bottom:0;list-style-type:inherit}.mw-parser-output .reflist-columns-2{column-width:30em}.mw-parser-output .reflist-columns-3{column-width:25em}.mw-parser-output .reflist-columns{margin-top:0.3em}.mw-parser-output .reflist-columns ol{margin-top:0}.mw-parser-output .reflist-columns li{page-break-inside:avoid;break-inside:avoid-column}.mw-parser-output .reflist-upper-alpha{list-style-type:upper-alpha}.mw-parser-output .reflist-upper-roman{list-style-type:upper-roman}.mw-parser-output .reflist-lower-alpha{list-style-type:lower-alpha}.mw-parser-output .reflist-lower-greek{list-style-type:lower-greek}.mw-parser-output .reflist-lower-roman{list-style-type:lower-roman}</style><div class="reflist reflist-columns references-column-width reflist-columns-2"> <ol class="references"> <li id="cite_note-1"><span class="mw-cite-backlink"><b><a href="#cite_ref-1">^</a></b></span> <span class="reference-text"><a rel="nofollow" class="external text" href="https://www.nytimes.com/2017/10/10/technology/kaspersky-lab-israel-russia-hacking.html">How Israel Caught Russian Hackers Scouring the World for U.S. Secrets</a>, <i>New York Times</i></span> </li> <li id="cite_note-2"><span class="mw-cite-backlink"><b><a href="#cite_ref-2">^</a></b></span> <span class="reference-text"><a rel="nofollow" class="external text" href="https://medium.com/@jeffreycarr/nsa-unit-8200-and-malware-proliferation-dd6e075ce26e">NSA, Unit 8200, and Malware Proliferation</a> <a rel="nofollow" class="external text" href="https://web.archive.org/web/20171025075216/https://medium.com/@jeffreycarr/nsa-unit-8200-and-malware-proliferation-dd6e075ce26e">Archived</a> 25 October 2017 at the <a href="/wiki/Wayback_Machine" title="Wayback Machine">Wayback Machine</a> Jeffrey Carr, Principal consultant at 20KLeague.com; Founder of Suits and Spooks; Author of “Inside Cyber Warfare (O’Reilly Media, 2009, 2011), medium.com, Aug 25, 2016</span> </li> <li id="cite_note-3"><span class="mw-cite-backlink"><b><a href="#cite_ref-3">^</a></b></span> <span class="reference-text"><style data-mw-deduplicate="TemplateStyles:r1238218222">.mw-parser-output cite.citation{font-style:inherit;word-wrap:break-word}.mw-parser-output .citation q{quotes:"\"""\"""'""'"}.mw-parser-output .citation:target{background-color:rgba(0,127,255,0.133)}.mw-parser-output .id-lock-free.id-lock-free a{background:url("//upload.wikimedia.org/wikipedia/commons/6/65/Lock-green.svg")right 0.1em center/9px no-repeat}.mw-parser-output .id-lock-limited.id-lock-limited a,.mw-parser-output .id-lock-registration.id-lock-registration a{background:url("//upload.wikimedia.org/wikipedia/commons/d/d6/Lock-gray-alt-2.svg")right 0.1em center/9px no-repeat}.mw-parser-output .id-lock-subscription.id-lock-subscription a{background:url("//upload.wikimedia.org/wikipedia/commons/a/aa/Lock-red-alt-2.svg")right 0.1em center/9px no-repeat}.mw-parser-output .cs1-ws-icon a{background:url("//upload.wikimedia.org/wikipedia/commons/4/4c/Wikisource-logo.svg")right 0.1em center/12px no-repeat}body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-free a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-limited a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-registration a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-subscription a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .cs1-ws-icon a{background-size:contain;padding:0 1em 0 0}.mw-parser-output .cs1-code{color:inherit;background:inherit;border:none;padding:inherit}.mw-parser-output .cs1-hidden-error{display:none;color:var(--color-error,#d33)}.mw-parser-output .cs1-visible-error{color:var(--color-error,#d33)}.mw-parser-output .cs1-maint{display:none;color:#085;margin-left:0.3em}.mw-parser-output .cs1-kern-left{padding-left:0.2em}.mw-parser-output .cs1-kern-right{padding-right:0.2em}.mw-parser-output .citation .mw-selflink{font-weight:inherit}@media screen{.mw-parser-output .cs1-format{font-size:95%}html.skin-theme-clientpref-night .mw-parser-output .cs1-maint{color:#18911f}}@media screen and (prefers-color-scheme:dark){html.skin-theme-clientpref-os .mw-parser-output .cs1-maint{color:#18911f}}</style><cite id="CITEREFCornish2021" class="citation book cs1">Cornish, Paul (4 November 2021). <a rel="nofollow" class="external text" href="https://books.google.com/books?id=p6pJEAAAQBAJ&amp;dq=Duqu+8200+israeli&amp;pg=PA634"><i>The Oxford Handbook of Cyber Security</i></a>. Oxford University Press. <a href="/wiki/ISBN_(identifier)" class="mw-redirect" title="ISBN (identifier)">ISBN</a>&#160;<a href="/wiki/Special:BookSources/978-0-19-252101-9" title="Special:BookSources/978-0-19-252101-9"><bdi>978-0-19-252101-9</bdi></a>. <q>Foreign sources routinely assert that Unit 8200 contribured to Stuxnet, Flame, Duqu and other sophisticated cyber campaigns.</q></cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=book&amp;rft.btitle=The+Oxford+Handbook+of+Cyber+Security&amp;rft.pub=Oxford+University+Press&amp;rft.date=2021-11-04&amp;rft.isbn=978-0-19-252101-9&amp;rft.aulast=Cornish&amp;rft.aufirst=Paul&amp;rft_id=https%3A%2F%2Fbooks.google.com%2Fbooks%3Fid%3Dp6pJEAAAQBAJ%26dq%3DDuqu%2B8200%2Bisraeli%26pg%3DPA634&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> <li id="cite_note-4"><span class="mw-cite-backlink"><b><a href="#cite_ref-4">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222" /><cite class="citation web cs1"><a rel="nofollow" class="external text" href="http://www.crysys.hu/">"Laboratory of Cryptography and System Security (CrySyS)"</a><span class="reference-accessdate">. Retrieved <span class="nowrap">4 November</span> 2011</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Laboratory+of+Cryptography+and+System+Security+%28CrySyS%29&amp;rft_id=http%3A%2F%2Fwww.crysys.hu%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> <li id="cite_note-5"><span class="mw-cite-backlink"><b><a href="#cite_ref-5">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222" /><cite class="citation web cs1"><a rel="nofollow" class="external text" href="http://www.crysys.hu/publications/files/bencsathPBF11duqu.pdf">"Duqu: A Stuxnet-like malware found in the wild, technical report"</a> <span class="cs1-format">(PDF)</span>. Laboratory of Cryptography of Systems Security (CrySyS). 14 October 2011.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Duqu%3A+A+Stuxnet-like+malware+found+in+the+wild%2C+technical+report&amp;rft.pub=Laboratory+of+Cryptography+of+Systems+Security+%28CrySyS%29&amp;rft.date=2011-10-14&amp;rft_id=http%3A%2F%2Fwww.crysys.hu%2Fpublications%2Ffiles%2FbencsathPBF11duqu.pdf&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> <li id="cite_note-6"><span class="mw-cite-backlink"><b><a href="#cite_ref-6">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222" /><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20121004111047/http://crysys.hu/in-the-press.html">"Statement on Duqu's initial analysis"</a>. Laboratory of Cryptography of Systems Security (CrySyS). 21 October 2011. Archived from <a rel="nofollow" class="external text" href="http://www.crysys.hu/in-the-press.html">the original</a> on 4 October 2012<span class="reference-accessdate">. Retrieved <span class="nowrap">25 October</span> 2011</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Statement+on+Duqu%27s+initial+analysis&amp;rft.pub=Laboratory+of+Cryptography+of+Systems+Security+%28CrySyS%29&amp;rft.date=2011-10-21&amp;rft_id=http%3A%2F%2Fwww.crysys.hu%2Fin-the-press.html&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> <li id="cite_note-syamantecduqu-7"><span class="mw-cite-backlink">^ <a href="#cite_ref-syamantecduqu_7-0">^{<i><b>a</b></i>}</a> <a href="#cite_ref-syamantecduqu_7-1">^{<i><b>b</b></i>}</a> <a href="#cite_ref-syamantecduqu_7-2">^{<i><b>c</b></i>}</a> <a href="#cite_ref-syamantecduqu_7-3">^{<i><b>d</b></i>}</a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222" /><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20111213083345/http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_duqu_the_precursor_to_the_next_stuxnet.pdf">"W32.Duqu – The precursor to the next Stuxnet (Version 1.4)"</a> <span class="cs1-format">(PDF)</span>. <a href="/wiki/NortonLifeLock" class="mw-redirect" title="NortonLifeLock">Symantec</a>. 23 November 2011. Archived from <a rel="nofollow" class="external text" href="http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_duqu_the_precursor_to_the_next_stuxnet.pdf">the original</a> <span class="cs1-format">(PDF)</span> on 13 December 2011<span class="reference-accessdate">. Retrieved <span class="nowrap">30 December</span> 2011</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=W32.Duqu+%E2%80%93+The+precursor+to+the+next+Stuxnet+%28Version+1.4%29&amp;rft.pub=Symantec&amp;rft.date=2011-11-23&amp;rft_id=http%3A%2F%2Fwww.symantec.com%2Fcontent%2Fen%2Fus%2Fenterprise%2Fmedia%2Fsecurity_response%2Fwhitepapers%2Fw32_duqu_the_precursor_to_the_next_stuxnet.pdf&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> <li id="cite_note-8"><span class="mw-cite-backlink"><b><a href="#cite_ref-8">^</a></b></span> <span class="reference-text"><a rel="nofollow" class="external text" href="http://www.techspot.com/news/47739-duqu-trojan-contains-mystery-programming-language-in-payload-dll.html">Shawn Knight (2012)</a> Duqu Trojan contains mystery programming language in Payload DLL</span> </li> <li id="cite_note-9"><span class="mw-cite-backlink"><b><a href="#cite_ref-9">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222" /><cite class="citation web cs1"><a rel="nofollow" class="external text" href="http://www.securelist.com/en/blog/677/The_mystery_of_Duqu_Framework_solved">"Securelist &#124; Kaspersky's threat research and reports"</a>. 12 September 2023.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Securelist+%26%23124%3B+Kaspersky%27s+threat+research+and+reports&amp;rft.date=2023-09-12&amp;rft_id=http%3A%2F%2Fwww.securelist.com%2Fen%2Fblog%2F677%2FThe_mystery_of_Duqu_Framework_solved&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> <li id="cite_note-Son_of_Stuxnet-10"><span class="mw-cite-backlink">^ <a href="#cite_ref-Son_of_Stuxnet_10-0">^{<i><b>a</b></i>}</a> <a href="#cite_ref-Son_of_Stuxnet_10-1">^{<i><b>b</b></i>}</a> <a href="#cite_ref-Son_of_Stuxnet_10-2">^{<i><b>c</b></i>}</a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222" /><cite id="CITEREFZetter2011" class="citation magazine cs1">Zetter, Kim (18 October 2011). <a rel="nofollow" class="external text" href="https://www.wired.com/threatlevel/2011/10/son-of-stuxnet-in-the-wild/">"Son of Stuxnet Found in the Wild on Systems in Europe"</a>. <i>Wired</i><span class="reference-accessdate">. Retrieved <span class="nowrap">21 October</span> 2011</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=article&amp;rft.jtitle=Wired&amp;rft.atitle=Son+of+Stuxnet+Found+in+the+Wild+on+Systems+in+Europe&amp;rft.date=2011-10-18&amp;rft.aulast=Zetter&amp;rft.aufirst=Kim&amp;rft_id=https%3A%2F%2Fwww.wired.com%2Fthreatlevel%2F2011%2F10%2Fson-of-stuxnet-in-the-wild%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> <li id="cite_note-11"><span class="mw-cite-backlink"><b><a href="#cite_ref-11">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222" /><cite class="citation news cs1"><a rel="nofollow" class="external text" href="http://www.zeit.de/digital/internet/2011-10/computerwurm-duqu-stuxnet">"Virus Duqu alarmiert IT-Sicherheitsexperten"</a>. <i><a href="/wiki/Die_Zeit" title="Die Zeit">Die Zeit</a></i>. 19 October 2011<span class="reference-accessdate">. Retrieved <span class="nowrap">19 October</span> 2011</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=article&amp;rft.jtitle=Die+Zeit&amp;rft.atitle=Virus+Duqu+alarmiert+IT-Sicherheitsexperten&amp;rft.date=2011-10-19&amp;rft_id=http%3A%2F%2Fwww.zeit.de%2Fdigital%2Finternet%2F2011-10%2Fcomputerwurm-duqu-stuxnet&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> <li id="cite_note-12"><span class="mw-cite-backlink"><b><a href="#cite_ref-12">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222" /><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://arstechnica.com/business/news/2011/10/spotted-in-iran-trojan-duqu-may-not-be-son-of-stuxnet-after-all.ars">"Spotted in Iran, trojan Duqu may not be "son of Stuxnet" after all"</a>. 27 October 2011<span class="reference-accessdate">. Retrieved <span class="nowrap">27 October</span> 2011</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Spotted+in+Iran%2C+trojan+Duqu+may+not+be+%22son+of+Stuxnet%22+after+all&amp;rft.date=2011-10-27&amp;rft_id=https%3A%2F%2Farstechnica.com%2Fbusiness%2Fnews%2F2011%2F10%2Fspotted-in-iran-trojan-duqu-may-not-be-son-of-stuxnet-after-all.ars&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> <li id="cite_note-13"><span class="mw-cite-backlink"><b><a href="#cite_ref-13">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222" /><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20111106151701/http://www.zdnet.com/blog/security/microsoft-issues-temporary-fix-it-for-duqu-zero-day/9764">"Microsoft issues temporary 'fix-it' for Duqu zero-day"</a>. <i><a href="/wiki/ZDNet" class="mw-redirect" title="ZDNet">ZDNet</a></i>. Archived from <a rel="nofollow" class="external text" href="https://www.zdnet.com/blog/security/microsoft-issues-temporary-fix-it-for-duqu-zero-day/9764">the original</a> on 6 November 2011<span class="reference-accessdate">. Retrieved <span class="nowrap">5 November</span> 2011</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=ZDNet&amp;rft.atitle=Microsoft+issues+temporary+%27fix-it%27+for+Duqu+zero-day&amp;rft_id=http%3A%2F%2Fwww.zdnet.com%2Fblog%2Fsecurity%2Fmicrosoft-issues-temporary-fix-it-for-duqu-zero-day%2F9764&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> <li id="cite_note-14"><span class="mw-cite-backlink"><b><a href="#cite_ref-14">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222" /><cite class="citation journal cs1"><a rel="nofollow" class="external text" href="https://technet.microsoft.com/en-us/security/advisory/2639658">"Microsoft Security Advisory (2639658)"</a>. <i>Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege</i>. 3 November 2011<span class="reference-accessdate">. Retrieved <span class="nowrap">5 November</span> 2011</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=article&amp;rft.jtitle=Vulnerability+in+TrueType+Font+Parsing+Could+Allow+Elevation+of+Privilege&amp;rft.atitle=Microsoft+Security+Advisory+%282639658%29&amp;rft.date=2011-11-03&amp;rft_id=https%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fsecurity%2Fadvisory%2F2639658&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> <li id="cite_note-15"><span class="mw-cite-backlink"><b><a href="#cite_ref-15">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222" /><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://technet.microsoft.com/en-us/security/bulletin/ms11-087">"Microsoft Security Bulletin MS11-087 - Critical"</a><span class="reference-accessdate">. Retrieved <span class="nowrap">13 November</span> 2011</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Microsoft+Security+Bulletin+MS11-087+-+Critical&amp;rft_id=https%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fsecurity%2Fbulletin%2Fms11-087&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> <li id="cite_note-16"><span class="mw-cite-backlink"><b><a href="#cite_ref-16">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222" /><cite id="CITEREFSteven_Cherry,_with_Larry_Constantine2011" class="citation web cs1">Steven Cherry, with Larry Constantine (14 December 2011). <a rel="nofollow" class="external text" href="https://archive.today/20120719071057/http://spectrum.ieee.org/podcast/telecom/security/sons-of-stuxnet">"Sons of Stuxnet"</a>. <a href="/wiki/IEEE_Spectrum" title="IEEE Spectrum">IEEE Spectrum</a>. Archived from <a rel="nofollow" class="external text" href="https://spectrum.ieee.org/podcast/telecom/security/sons-of-stuxnet">the original</a> on 19 July 2012.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Sons+of+Stuxnet&amp;rft.pub=IEEE+Spectrum&amp;rft.date=2011-12-14&amp;rft.au=Steven+Cherry%2C+with+Larry+Constantine&amp;rft_id=https%3A%2F%2Fspectrum.ieee.org%2Fpodcast%2Ftelecom%2Fsecurity%2Fsons-of-stuxnet&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> <li id="cite_note-17"><span class="mw-cite-backlink"><b><a href="#cite_ref-17">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222" /><cite id="CITEREFVenereSzor2011" class="citation web cs1">Venere, Guilherme; Szor, Peter (18 October 2011). <a rel="nofollow" class="external text" href="https://web.archive.org/web/20160531101034/https://blogs.mcafee.com/mcafee-labs/the-day-of-the-golden-jackal-%e2%80%93-further-tales-of-the-stuxnet-files/">"The Day of the Golden Jackal – The Next Tale in the Stuxnet Files: Duqu"</a>. <a href="/wiki/McAfee" title="McAfee">McAfee</a>. Archived from <a rel="nofollow" class="external text" href="http://blogs.mcafee.com/mcafee-labs/the-day-of-the-golden-jackal-%E2%80%93-further-tales-of-the-stuxnet-files">the original</a> on 31 May 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">19 October</span> 2011</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=The+Day+of+the+Golden+Jackal+%E2%80%93+The+Next+Tale+in+the+Stuxnet+Files%3A+Duqu&amp;rft.pub=McAfee&amp;rft.date=2011-10-18&amp;rft.aulast=Venere&amp;rft.aufirst=Guilherme&amp;rft.au=Szor%2C+Peter&amp;rft_id=http%3A%2F%2Fblogs.mcafee.com%2Fmcafee-labs%2Fthe-day-of-the-golden-jackal-%25E2%2580%2593-further-tales-of-the-stuxnet-files&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> <li id="cite_note-Suspected_Vulnerability-18"><span class="mw-cite-backlink"><b><a href="#cite_ref-Suspected_Vulnerability_18-0">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222" /><cite id="CITEREFGarmon" class="citation web cs1">Garmon, Matthew. <a rel="nofollow" class="external text" href="http://www.mattgarmon.com/">"In Command &amp; Out of Control"</a>. <i>Matt Garmon</i>. DIG.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=Matt+Garmon&amp;rft.atitle=In+Command+%26+Out+of+Control&amp;rft.aulast=Garmon&amp;rft.aufirst=Matthew&amp;rft_id=http%3A%2F%2Fwww.mattgarmon.com%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> <li id="cite_note-19"><span class="mw-cite-backlink"><b><a href="#cite_ref-19">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222" /><cite id="CITEREFKamluk2011" class="citation web cs1">Kamluk, Vitaly (30 November 2011). <a rel="nofollow" class="external text" href="http://www.securelist.com/en/blog/625/The_Mystery_of_Duqu_Part_Six_The_Command_and_Control_servers">"The Mystery of Duqu: Part Six (The Command and Control servers)"</a>. <i>Securelist by Kaspersky</i>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20220607172949/https://securelist.com/the-mystery-of-duqu-part-six-the-command-and-control-servers-36/31863/">Archived</a> from the original on 7 June 2022<span class="reference-accessdate">. Retrieved <span class="nowrap">7 June</span> 2022</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=Securelist+by+Kaspersky&amp;rft.atitle=The+Mystery+of+Duqu%3A+Part+Six+%28The+Command+and+Control+servers%29&amp;rft.date=2011-11-30&amp;rft.aulast=Kamluk&amp;rft.aufirst=Vitaly&amp;rft_id=http%3A%2F%2Fwww.securelist.com%2Fen%2Fblog%2F625%2FThe_Mystery_of_Duqu_Part_Six_The_Command_and_Control_servers&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3ADuqu" class="Z3988"></span></span> </li> </ol></div> <div class="navbox-styles"><style data-mw-deduplicate="TemplateStyles:r1129693374">.mw-parser-output .hlist dl,.mw-parser-output .hlist ol,.mw-parser-output .hlist ul{margin:0;padding:0}.mw-parser-output .hlist dd,.mw-parser-output .hlist dt,.mw-parser-output .hlist li{margin:0;display:inline}.mw-parser-output .hlist.inline,.mw-parser-output .hlist.inline dl,.mw-parser-output .hlist.inline ol,.mw-parser-output .hlist.inline ul,.mw-parser-output .hlist dl dl,.mw-parser-output .hlist dl ol,.mw-parser-output .hlist dl ul,.mw-parser-output .hlist ol dl,.mw-parser-output .hlist ol ol,.mw-parser-output .hlist ol ul,.mw-parser-output .hlist ul dl,.mw-parser-output .hlist ul ol,.mw-parser-output .hlist ul ul{display:inline}.mw-parser-output .hlist .mw-empty-li{display:none}.mw-parser-output .hlist dt::after{content:": "}.mw-parser-output .hlist dd::after,.mw-parser-output .hlist li::after{content:" · ";font-weight:bold}.mw-parser-output .hlist dd:last-child::after,.mw-parser-output .hlist dt:last-child::after,.mw-parser-output .hlist li:last-child::after{content:none}.mw-parser-output .hlist dd dd:first-child::before,.mw-parser-output .hlist dd dt:first-child::before,.mw-parser-output .hlist dd li:first-child::before,.mw-parser-output .hlist dt dd:first-child::before,.mw-parser-output .hlist dt dt:first-child::before,.mw-parser-output .hlist dt li:first-child::before,.mw-parser-output .hlist li dd:first-child::before,.mw-parser-output .hlist li dt:first-child::before,.mw-parser-output .hlist li li:first-child::before{content:" (";font-weight:normal}.mw-parser-output .hlist dd dd:last-child::after,.mw-parser-output .hlist dd dt:last-child::after,.mw-parser-output .hlist dd li:last-child::after,.mw-parser-output .hlist dt dd:last-child::after,.mw-parser-output .hlist dt dt:last-child::after,.mw-parser-output .hlist dt li:last-child::after,.mw-parser-output .hlist li dd:last-child::after,.mw-parser-output .hlist li dt:last-child::after,.mw-parser-output .hlist li li:last-child::after{content:")";font-weight:normal}.mw-parser-output .hlist ol{counter-reset:listitem}.mw-parser-output .hlist ol>li{counter-increment:listitem}.mw-parser-output .hlist ol>li::before{content:" "counter(listitem)"\a0 "}.mw-parser-output .hlist dd ol>li:first-child::before,.mw-parser-output .hlist dt ol>li:first-child::before,.mw-parser-output .hlist li ol>li:first-child::before{content:" ("counter(listitem)"\a0 "}</style><style data-mw-deduplicate="TemplateStyles:r1236075235">.mw-parser-output .navbox{box-sizing:border-box;border:1px solid #a2a9b1;width:100%;clear:both;font-size:88%;text-align:center;padding:1px;margin:1em auto 0}.mw-parser-output .navbox .navbox{margin-top:0}.mw-parser-output .navbox+.navbox,.mw-parser-output .navbox+.navbox-styles+.navbox{margin-top:-1px}.mw-parser-output .navbox-inner,.mw-parser-output .navbox-subgroup{width:100%}.mw-parser-output .navbox-group,.mw-parser-output .navbox-title,.mw-parser-output .navbox-abovebelow{padding:0.25em 1em;line-height:1.5em;text-align:center}.mw-parser-output .navbox-group{white-space:nowrap;text-align:right}.mw-parser-output .navbox,.mw-parser-output .navbox-subgroup{background-color:#fdfdfd}.mw-parser-output .navbox-list{line-height:1.5em;border-color:#fdfdfd}.mw-parser-output .navbox-list-with-group{text-align:left;border-left-width:2px;border-left-style:solid}.mw-parser-output tr+tr>.navbox-abovebelow,.mw-parser-output tr+tr>.navbox-group,.mw-parser-output tr+tr>.navbox-image,.mw-parser-output tr+tr>.navbox-list{border-top:2px solid #fdfdfd}.mw-parser-output .navbox-title{background-color:#ccf}.mw-parser-output .navbox-abovebelow,.mw-parser-output .navbox-group,.mw-parser-output .navbox-subgroup .navbox-title{background-color:#ddf}.mw-parser-output .navbox-subgroup .navbox-group,.mw-parser-output .navbox-subgroup .navbox-abovebelow{background-color:#e6e6ff}.mw-parser-output .navbox-even{background-color:#f7f7f7}.mw-parser-output .navbox-odd{background-color:transparent}.mw-parser-output .navbox .hlist td dl,.mw-parser-output .navbox .hlist td ol,.mw-parser-output .navbox .hlist td ul,.mw-parser-output .navbox td.hlist dl,.mw-parser-output .navbox td.hlist ol,.mw-parser-output .navbox td.hlist ul{padding:0.125em 0}.mw-parser-output .navbox .navbar{display:block;font-size:100%}.mw-parser-output .navbox-title .navbar{float:left;text-align:left;margin-right:0.5em}body.skin--responsive .mw-parser-output .navbox-image img{max-width:none!important}@media print{body.ns-0 .mw-parser-output .navbox{display:none!important}}</style></div><div role="navigation" class="navbox" aria-labelledby="Hacking_in_the_2010s789" style="padding:3px"><table class="nowraplinks hlist mw-collapsible autocollapse navbox-inner" style="border-spacing:0;background:transparent;color:inherit"><tbody><tr><th scope="col" class="navbox-title" colspan="2"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1129693374" /><style data-mw-deduplicate="TemplateStyles:r1239400231">.mw-parser-output .navbar{display:inline;font-size:88%;font-weight:normal}.mw-parser-output .navbar-collapse{float:left;text-align:left}.mw-parser-output .navbar-boxtext{word-spacing:0}.mw-parser-output .navbar ul{display:inline-block;white-space:nowrap;line-height:inherit}.mw-parser-output .navbar-brackets::before{margin-right:-0.125em;content:"[ "}.mw-parser-output .navbar-brackets::after{margin-left:-0.125em;content:" ]"}.mw-parser-output .navbar li{word-spacing:-0.125em}.mw-parser-output .navbar a>span,.mw-parser-output .navbar a>abbr{text-decoration:inherit}.mw-parser-output .navbar-mini abbr{font-variant:small-caps;border-bottom:none;text-decoration:none;cursor:inherit}.mw-parser-output .navbar-ct-full{font-size:114%;margin:0 7em}.mw-parser-output .navbar-ct-mini{font-size:114%;margin:0 4em}html.skin-theme-clientpref-night .mw-parser-output .navbar li a abbr{color:var(--color-base)!important}@media(prefers-color-scheme:dark){html.skin-theme-clientpref-os .mw-parser-output .navbar li a abbr{color:var(--color-base)!important}}@media print{.mw-parser-output .navbar{display:none!important}}</style><div class="navbar plainlinks hlist navbar-mini"><ul><li class="nv-view"><a href="/wiki/Template:Hacking_in_the_2010s" title="Template:Hacking in the 2010s"><abbr title="View this template">v</abbr></a></li><li class="nv-talk"><a href="/wiki/Template_talk:Hacking_in_the_2010s" title="Template talk:Hacking in the 2010s"><abbr title="Discuss this template">t</abbr></a></li><li class="nv-edit"><a href="/wiki/Special:EditPage/Template:Hacking_in_the_2010s" title="Special:EditPage/Template:Hacking in the 2010s"><abbr title="Edit this template">e</abbr></a></li></ul></div><div id="Hacking_in_the_2010s789" style="font-size:114%;margin:0 4em">Hacking in the 2010s</div></th></tr><tr><td class="navbox-abovebelow" colspan="2"><div><table style="width:100%; margin:1px; display:inline-table;"><tbody><tr> <td style="text-align:left; vertical-align:middle; padding:0 0.5em 0 0;" class="noprint">&#8592;&#160;<a href="/wiki/Template:Hacking_in_the_2000s" title="Template:Hacking in the 2000s">2000s</a></td> <td style="text-align:center; vertical-align:middle;; padding:0 1px;" class=""><a href="/wiki/Timeline_of_computer_security_hacker_history#2010s" class="mw-redirect" title="Timeline of computer security hacker history">Timeline</a></td> <td style="text-align:right; vertical-align:middle;; padding:0 0 0 0.5em;" class="noprint"><a href="/wiki/Template:Hacking_in_the_2020s" title="Template:Hacking in the 2020s">2020s</a>&#160;&#8594;</td> </tr></tbody></table></div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Major incidents</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"></div><table class="nowraplinks navbox-subgroup" style="border-spacing:0"><tbody><tr><th scope="row" class="navbox-group" style="width:1%">2010</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Operation_Aurora" title="Operation Aurora">Operation Aurora</a> (publication of 2009 events)</li> <li><a href="/wiki/February_2010_Australian_cyberattacks" title="February 2010 Australian cyberattacks">Australian cyberattacks</a></li> <li><a href="/wiki/Operation_Olympic_Games" title="Operation Olympic Games">Operation Olympic Games</a></li> <li><a href="/wiki/Shadow_Network" title="Shadow Network">Operation ShadowNet</a></li> <li><a href="/wiki/Operation_Payback" title="Operation Payback">Operation Payback</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2011</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/2011_Canadian_government_hackings" title="2011 Canadian government hackings">Canadian government</a></li> <li><a href="/wiki/DigiNotar" title="DigiNotar">DigiNotar</a></li> <li><a href="/wiki/DNSChanger" title="DNSChanger">DNSChanger</a></li> <li><a href="/wiki/HBGary" title="HBGary">HBGary Federal</a></li> <li><a href="/wiki/Operation_AntiSec" title="Operation AntiSec">Operation AntiSec</a></li> <li><a href="/wiki/2011_PlayStation_Network_outage" title="2011 PlayStation Network outage">PlayStation network outage</a></li> <li><a href="/wiki/RSA_SecurID#March_2011_system_compromise" title="RSA SecurID">RSA SecurID compromise</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2012</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/2012_LinkedIn_hack" title="2012 LinkedIn hack">LinkedIn hack</a></li> <li><a href="/wiki/Stratfor_email_leak" title="Stratfor email leak">Stratfor email leak</a></li> <li><a href="/wiki/Operation_High_Roller" title="Operation High Roller">Operation High Roller</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2013</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/2013_South_Korea_cyberattack" title="2013 South Korea cyberattack">South Korea cyberattack</a></li> <li><a href="/wiki/Snapchat#December_2013_hack" title="Snapchat">Snapchat hack</a></li> <li><a href="/wiki/June_25_cyber_terror" class="mw-redirect" title="June 25 cyber terror">Cyberterrorism attack of June 25</a></li> <li><a href="/wiki/Yahoo_data_breaches#August_2013:_breach" title="Yahoo data breaches">2013 Yahoo! data breach</a></li> <li><a href="/wiki/2013_Singapore_cyberattacks" title="2013 Singapore cyberattacks">Singapore cyberattacks</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2014</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Anthem_medical_data_breach" title="Anthem medical data breach">Anthem medical data breach</a></li> <li><a href="/wiki/Operation_Tovar" title="Operation Tovar">Operation Tovar</a></li> <li><a href="/wiki/2014_celebrity_nude_photo_leak" title="2014 celebrity nude photo leak">2014 celebrity nude photo leak</a></li> <li><a href="/wiki/2014_JPMorgan_Chase_data_breach" title="2014 JPMorgan Chase data breach">2014 JPMorgan Chase data breach</a></li> <li><a href="/wiki/2014_Sony_Pictures_hack" title="2014 Sony Pictures hack">2014 Sony Pictures hack</a></li> <li><a href="/wiki/2014_Russian_hacker_password_theft" title="2014 Russian hacker password theft">Russian hacker password theft</a></li> <li><a href="/wiki/Yahoo_data_breaches#Late_2014:_breach" title="Yahoo data breaches">2014 Yahoo! data breach</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2015</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Office_of_Personnel_Management_data_breach" title="Office of Personnel Management data breach">Office of Personnel Management data breach</a></li> <li><a href="/wiki/HackingTeam#2015_data_breach" title="HackingTeam">HackingTeam</a></li> <li><a href="/wiki/Ashley_Madison_data_breach" title="Ashley Madison data breach">Ashley Madison data breach</a></li> <li><a href="/wiki/VTech#2015_data_breach" title="VTech">VTech data breach</a></li> <li><a href="/wiki/2015_Ukraine_power_grid_hack" title="2015 Ukraine power grid hack">Ukrainian Power Grid Cyberattack</a></li> <li><a href="/wiki/2015%E2%80%932016_SWIFT_banking_hack" title="2015–2016 SWIFT banking hack">SWIFT banking hack</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2016</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Bangladesh_Bank_robbery" title="Bangladesh Bank robbery">Bangladesh Bank robbery</a></li> <li><a href="/wiki/Hollywood_Presbyterian_Medical_Center#Ransomware" title="Hollywood Presbyterian Medical Center">Hollywood Presbyterian Medical Center ransomware incident</a></li> <li><a href="/wiki/Commission_on_Elections_data_breach" title="Commission on Elections data breach">Commission on Elections data breach</a></li> <li><a href="/wiki/Democratic_National_Committee_cyber_attacks" title="Democratic National Committee cyber attacks">Democratic National Committee cyber attacks</a></li> <li><a href="/wiki/Vietnamese_airports_hackings" title="Vietnamese airports hackings">Vietnam Airport Hacks</a></li> <li><a href="/wiki/Democratic_Congressional_Campaign_Committee_cyber_attacks" title="Democratic Congressional Campaign Committee cyber attacks">DCCC cyber attacks</a></li> <li><a href="/wiki/2016_Indian_bank_data_breach" title="2016 Indian bank data breach">Indian Bank data breaches</a></li> <li><a href="/wiki/Surkov_leaks" title="Surkov leaks">Surkov leaks</a></li> <li><a href="/wiki/DDoS_attacks_on_Dyn" title="DDoS attacks on Dyn">Dyn cyberattack</a></li> <li><a href="/wiki/Russian_interference_in_the_2016_United_States_elections" title="Russian interference in the 2016 United States elections">Russian interference in the 2016 U.S. elections</a></li> <li><a href="/wiki/2016_Bitfinex_hack" title="2016 Bitfinex hack">2016 Bitfinex hack</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2017</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/SHA-1#SHAttered_–_first_public_collision" title="SHA-1">SHAttered</a></li> <li><a href="/wiki/2017_Macron_e-mail_leaks" title="2017 Macron e-mail leaks">2017 Macron e-mail leaks</a></li> <li><a href="/wiki/WannaCry_ransomware_attack" title="WannaCry ransomware attack">WannaCry ransomware attack</a></li> <li><a href="/wiki/2017_Westminster_data_breach" title="2017 Westminster data breach">Westminster data breach</a></li> <li><a href="/wiki/Petya_(malware_family)" title="Petya (malware family)">Petya and NotPetya</a> <ul><li><a href="/wiki/2017_Ukraine_ransomware_attacks" title="2017 Ukraine ransomware attacks">2017 Ukraine ransomware attacks</a></li></ul></li> <li><a href="/wiki/2017_Equifax_data_breach" title="2017 Equifax data breach">Equifax data breach</a></li> <li><a href="/wiki/Deloitte#E-mail_hack" title="Deloitte">Deloitte breach</a></li> <li><a href="/wiki/Disqus#October_2017_security_breach" title="Disqus">Disqus breach</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2018</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Trustico#DigiCert_and_Trustico_spat,_2018" title="Trustico">Trustico</a></li> <li><a href="/wiki/Atlanta_government_ransomware_attack" title="Atlanta government ransomware attack">Atlanta cyberattack</a></li> <li><a href="/wiki/2018_SingHealth_data_breach" title="2018 SingHealth data breach">SingHealth data breach</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2019</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/2019_cyberattacks_on_Sri_Lanka" title="2019 cyberattacks on Sri Lanka">Sri Lanka cyberattack</a></li> <li><a href="/wiki/2019_Baltimore_ransomware_attack" title="2019 Baltimore ransomware attack">Baltimore ransomware attack</a></li> <li><a href="/wiki/2019_Bulgarian_Revenue_Agency_hack" title="2019 Bulgarian Revenue Agency hack">Bulgarian revenue agency hack</a></li> <li><a href="/wiki/WhatsApp_snooping_scandal" title="WhatsApp snooping scandal">WhatsApp snooping scandal</a></li> <li><a href="/wiki/Jeff_Bezos_phone_hacking_incident" title="Jeff Bezos phone hacking incident">Jeff Bezos phone hacking incident</a></li></ul> </div></td></tr></tbody></table><div></div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Hacktivism" title="Hacktivism">Hacktivism</a></th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Anonymous_(hacker_group)" title="Anonymous (hacker group)">Anonymous</a> <ul><li><a href="/wiki/Timeline_of_events_associated_with_Anonymous" title="Timeline of events associated with Anonymous">associated events</a></li></ul></li> <li><a href="/wiki/CyberBerkut" title="CyberBerkut">CyberBerkut</a></li> <li><a href="/wiki/Gay_Nigger_Association_of_America" title="Gay Nigger Association of America">GNAA</a></li> <li><a href="/wiki/Goatse_Security" title="Goatse Security">Goatse Security</a></li> <li><a href="/wiki/Lizard_Squad" title="Lizard Squad">Lizard Squad</a></li> <li><a href="/wiki/LulzRaft" title="LulzRaft">LulzRaft</a></li> <li><a href="/wiki/LulzSec" title="LulzSec">LulzSec</a></li> <li><a href="/wiki/DDoS_attacks_on_Dyn#PerpetratorsNew_World_Hackers" title="DDoS attacks on Dyn">DDoS attacks on Dyn#PerpetratorsNew World Hackers</a></li> <li><a href="/wiki/NullCrew" title="NullCrew">NullCrew</a></li> <li><a href="/wiki/OurMine" title="OurMine">OurMine</a></li> <li><a href="/wiki/PayPal_14" title="PayPal 14">PayPal 14</a></li> <li><a href="/wiki/RedHack" title="RedHack">RedHack</a></li> <li><a href="/wiki/Teamp0ison" title="Teamp0ison">Teamp0ison</a></li> <li><a href="/wiki/The_Dark_Overlord_(hacker_group)" title="The Dark Overlord (hacker group)">TDO</a></li> <li><a href="/wiki/UGNazi" title="UGNazi">UGNazi</a></li> <li><a href="/wiki/Ukrainian_Cyber_Alliance" title="Ukrainian Cyber Alliance">Ukrainian Cyber Alliance</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Advanced_persistent_threat" title="Advanced persistent threat">Advanced<br />persistent threats</a></th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Bangladesh_Black_Hat_Hackers" title="Bangladesh Black Hat Hackers">Bangladesh Black Hat Hackers</a></li> <li><a href="/wiki/Bureau_121" title="Bureau 121">Bureau 121</a></li> <li><a href="/wiki/Charming_Kitten" title="Charming Kitten">Charming Kitten</a></li> <li><a href="/wiki/Cozy_Bear" title="Cozy Bear">Cozy Bear</a></li> <li><a href="/wiki/Dark_Basin" title="Dark Basin">Dark Basin</a></li> <li><a href="/wiki/DarkMatter_Group" title="DarkMatter Group">DarkMatter</a></li> <li><a href="/wiki/Elfin_Team" title="Elfin Team">Elfin Team</a></li> <li><a href="/wiki/Equation_Group" title="Equation Group">Equation Group</a></li> <li><a href="/wiki/Fancy_Bear" title="Fancy Bear">Fancy Bear</a></li> <li><a href="/wiki/Stuxnet#History" title="Stuxnet">GOSSIPGIRL</a> (confederation)</li> <li><a href="/wiki/Guccifer_2.0" title="Guccifer 2.0">Guccifer 2.0</a></li> <li><a href="/wiki/HackingTeam" title="HackingTeam">Hacking Team</a></li> <li><a href="/wiki/Helix_Kitten" title="Helix Kitten">Helix Kitten</a></li> <li><a href="/wiki/Iranian_Cyber_Army" title="Iranian Cyber Army">Iranian Cyber Army</a></li> <li><a href="/wiki/Lazarus_Group" title="Lazarus Group">Lazarus Group</a> <ul><li><a href="/wiki/Lazarus_Group#BlueNorOff" title="Lazarus Group">BlueNorOff</a></li> <li><a href="/wiki/Lazarus_Group#AndAriel" title="Lazarus Group">AndAriel</a></li></ul></li> <li><a href="/wiki/NSO_Group" title="NSO Group">NSO Group</a></li> <li><a href="/wiki/Numbered_Panda" title="Numbered Panda">Numbered Panda</a></li> <li><a href="/wiki/PLA_Unit_61398" title="PLA Unit 61398">PLA Unit 61398</a></li> <li><a href="/wiki/PLA_Unit_61486" title="PLA Unit 61486">PLA Unit 61486</a></li> <li><a href="/wiki/PLATINUM_(cybercrime_group)" title="PLATINUM (cybercrime group)">PLATINUM</a></li> <li><a href="/wiki/Pranknet" title="Pranknet">Pranknet</a></li> <li><a href="/wiki/Red_Apollo" title="Red Apollo">Red Apollo</a></li> <li><a href="/wiki/Rocket_Kitten" title="Rocket Kitten">Rocket Kitten</a></li> <li><a href="/wiki/Stealth_Falcon" title="Stealth Falcon">Stealth Falcon</a></li> <li><a href="/wiki/Syrian_Electronic_Army" title="Syrian Electronic Army">Syrian Electronic Army</a></li> <li><a href="/wiki/Tailored_Access_Operations" title="Tailored Access Operations">Tailored Access Operations</a></li> <li><a href="/wiki/The_Shadow_Brokers" title="The Shadow Brokers">The Shadow Brokers</a></li> <li><a href="/wiki/XDedic" title="XDedic">xDedic</a></li> <li><a href="/wiki/Yemen_Cyber_Army" title="Yemen Cyber Army">Yemen Cyber Army</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Hacker" title="Hacker">Individuals</a></th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Ryan_Ackroyd" title="Ryan Ackroyd">Ryan Ackroyd</a></li> <li><a href="/wiki/Mustafa_Al-Bassam" title="Mustafa Al-Bassam">Mustafa Al-Bassam</a></li> <li><a href="/wiki/George_Hotz" title="George Hotz">George Hotz</a></li> <li><a href="/wiki/Guccifer" title="Guccifer">Guccifer</a></li> <li><a href="/wiki/Elliott_Gunton" title="Elliott Gunton">Elliott Gunton</a></li> <li><a href="/wiki/Jeremy_Hammond" title="Jeremy Hammond">Jeremy Hammond</a></li> <li><a href="/wiki/Junaid_Hussain" title="Junaid Hussain">Junaid Hussain</a></li> <li><a href="/wiki/MLT_(hacktivist)" title="MLT (hacktivist)">MLT</a></li> <li><a href="/wiki/Hector_Monsegur" title="Hector Monsegur">Sabu</a></li> <li><a href="/wiki/Roman_Seleznev" title="Roman Seleznev">Track2</a></li> <li><a href="/wiki/Topiary_(hacktivist)" title="Topiary (hacktivist)">Topiary</a></li> <li><a href="/wiki/The_Jester_(hacktivist)" title="The Jester (hacktivist)">The Jester</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Major <a href="/wiki/Vulnerability_(computer_security)" title="Vulnerability (computer security)">vulnerabilities</a><br />publicly <a href="/wiki/Full_disclosure_(computer_security)" title="Full disclosure (computer security)">disclosed</a></th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Evercookie" title="Evercookie">Evercookie</a> (2010)</li> <li><a href="/wiki/ISeeYou" title="ISeeYou">iSeeYou</a> (2013)</li> <li><a href="/wiki/Heartbleed" title="Heartbleed"> Heartbleed</a> (2014)</li> <li><a href="/wiki/Shellshock_(software_bug)" title="Shellshock (software bug)">Shellshock</a> (2014)</li> <li><a href="/wiki/POODLE" title="POODLE">POODLE</a> (2014)</li> <li><a href="/wiki/Rootpipe" title="Rootpipe">Rootpipe</a> (2014)</li> <li><a href="/wiki/Row_hammer" title="Row hammer">Row hammer</a> (2014)</li> <li><a href="/wiki/Signalling_System_No._7#Protocol_security_vulnerabilities" title="Signalling System No. 7">SS7 vulnerabilities</a> (2014)</li> <li><a href="/wiki/WinShock" title="WinShock">WinShock</a> (2014)</li> <li><a href="/wiki/JASBUG" title="JASBUG">JASBUG</a> (2015)</li> <li><a href="/wiki/Stagefright_(bug)" title="Stagefright (bug)">Stagefright</a> (2015)</li> <li><a href="/wiki/DROWN_attack" title="DROWN attack">DROWN</a> (2016)</li> <li><a href="/wiki/Badlock" title="Badlock">Badlock</a> (2016)</li> <li><a href="/wiki/Dirty_COW" title="Dirty COW">Dirty COW</a> (2016)</li> <li><a href="/wiki/Cloudbleed" title="Cloudbleed">Cloudbleed</a> (2017)</li> <li><a href="/wiki/Broadcom_Corporation#soc-wifi-vulns" title="Broadcom Corporation">Broadcom Wi-Fi</a> (2017)</li> <li><a href="/wiki/EternalBlue" title="EternalBlue">EternalBlue</a> (2017)</li> <li><a href="/wiki/DoublePulsar" title="DoublePulsar">DoublePulsar</a> (2017)</li> <li><a href="/wiki/Intel_Active_Management_Technology#Silent_Bob_is_Silent" title="Intel Active Management Technology">Silent Bob is Silent</a> (2017)</li> <li><a href="/wiki/KRACK" title="KRACK">KRACK</a> (2017)</li> <li><a href="/wiki/ROCA_vulnerability" title="ROCA vulnerability">ROCA vulnerability</a> (2017)</li> <li><a href="/wiki/BlueBorne_(security_vulnerability)" title="BlueBorne (security vulnerability)">BlueBorne</a> (2017)</li> <li><a href="/wiki/Meltdown_(security_vulnerability)" title="Meltdown (security vulnerability)">Meltdown</a> (2018)</li> <li><a href="/wiki/Spectre_(security_vulnerability)" title="Spectre (security vulnerability)">Spectre</a> (2018)</li> <li><a href="/wiki/EFAIL" title="EFAIL">EFAIL</a> (2018)</li> <li><a href="/wiki/Exactis" title="Exactis">Exactis</a> (2018)</li> <li><a href="/wiki/Speculative_Store_Bypass" title="Speculative Store Bypass">Speculative Store Bypass</a> (2018)</li> <li><a href="/wiki/Lazy_FP_state_restore" title="Lazy FP state restore">Lazy FP state restore</a> (2018)</li> <li><a href="/wiki/TLBleed" title="TLBleed">TLBleed</a> (2018)</li> <li><a href="/wiki/SigSpoof" title="SigSpoof">SigSpoof</a> (2018)</li> <li><a href="/wiki/Foreshadow" title="Foreshadow">Foreshadow</a> (2018)</li> <li><a href="/wiki/Wi-Fi_Protected_Access#Dragonblood_attack" title="Wi-Fi Protected Access">Dragonblood</a> (2019)</li> <li><a href="/wiki/Microarchitectural_Data_Sampling" title="Microarchitectural Data Sampling">Microarchitectural Data Sampling</a> (2019)</li> <li><a href="/wiki/BlueKeep" title="BlueKeep">BlueKeep</a> (2019)</li> <li><a href="/wiki/Kr00k" title="Kr00k">Kr00k</a> (2019)</li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Malware" title="Malware">Malware</a></th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"></div><table class="nowraplinks navbox-subgroup" style="border-spacing:0"><tbody><tr><th scope="row" class="navbox-group" style="width:1%">2010</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Ransomware#Bad_Rabbit" title="Ransomware">Bad Rabbit</a></li> <li><a href="/wiki/BlackEnergy#BlackEnergy_2_(BE2)" title="BlackEnergy"> Black Energy 2</a></li> <li><a href="/wiki/SpyEye" title="SpyEye">SpyEye</a></li> <li><a href="/wiki/Stuxnet" title="Stuxnet">Stuxnet</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2011</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Coreflood" title="Coreflood">Coreflood</a></li> <li><a href="/wiki/Alureon" title="Alureon">Alureon</a></li> <li><a class="mw-selflink selflink">Duqu</a></li> <li><a href="/wiki/Kelihos_botnet" title="Kelihos botnet">Kelihos</a></li> <li><a href="/wiki/Metulji_botnet" title="Metulji botnet">Metulji botnet</a></li> <li><a href="/wiki/Stars_virus" title="Stars virus">Stars</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2012</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Carna_botnet" title="Carna botnet">Carna</a></li> <li><a href="/wiki/Dexter_(malware)" title="Dexter (malware)">Dexter</a></li> <li><a href="/wiki/FBI_MoneyPak_Ransomware" title="FBI MoneyPak Ransomware">FBI</a></li> <li><a href="/wiki/Flame_(malware)" title="Flame (malware)">Flame</a></li> <li><a href="/wiki/Mahdi_(malware)" title="Mahdi (malware)">Mahdi</a></li> <li><a href="/wiki/Red_October_(malware)" title="Red October (malware)">Red October</a></li> <li><a href="/wiki/Shamoon" title="Shamoon">Shamoon</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2013</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/CryptoLocker" title="CryptoLocker">CryptoLocker</a></li> <li><a href="/wiki/2013_South_Korea_cyberattack" title="2013 South Korea cyberattack">DarkSeoul</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2014</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Brambul" title="Brambul">Brambul</a></li> <li><a href="/wiki/BlackEnergy#BlackEnergy_3_(BE3)" title="BlackEnergy"> Black Energy 3</a></li> <li><a href="/wiki/Carbanak" title="Carbanak">Carbanak</a></li> <li><a href="/wiki/Careto_(malware)" title="Careto (malware)">Careto</a></li> <li><a href="/wiki/DarkHotel" title="DarkHotel">DarkHotel</a></li> <li><a href="/wiki/Duqu_2.0" title="Duqu 2.0">Duqu 2.0</a></li> <li><a href="/wiki/FinFisher" title="FinFisher">FinFisher</a></li> <li><a href="/wiki/Gameover_ZeuS" title="Gameover ZeuS">Gameover ZeuS</a></li> <li><a href="/wiki/Regin_(malware)" title="Regin (malware)">Regin</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2015</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Dridex" title="Dridex">Dridex</a></li> <li><a href="/wiki/Hidden_Tear" title="Hidden Tear">Hidden Tear</a></li> <li><a href="/wiki/Rombertik" title="Rombertik">Rombertik</a></li> <li><a href="/wiki/TeslaCrypt" title="TeslaCrypt">TeslaCrypt</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2016</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Hitler-Ransomware" title="Hitler-Ransomware">Hitler</a></li> <li><a href="/wiki/Jigsaw_(ransomware)" title="Jigsaw (ransomware)">Jigsaw</a></li> <li><a href="/wiki/KeRanger" title="KeRanger">KeRanger</a></li> <li><a href="/wiki/Necurs_botnet" title="Necurs botnet">Necurs</a></li> <li><a href="/wiki/MEMZ" title="MEMZ">MEMZ</a></li> <li><a href="/wiki/Mirai_(malware)" title="Mirai (malware)">Mirai</a></li> <li><a href="/wiki/Pegasus_(spyware)" title="Pegasus (spyware)">Pegasus</a></li> <li><a href="/wiki/Petya_(malware_family)" title="Petya (malware family)">Petya and NotPetya</a></li> <li><a href="/wiki/X-Agent" title="X-Agent">X-Agent</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2017</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/BrickerBot" title="BrickerBot">BrickerBot</a></li> <li><a href="/wiki/Kirk_Ransomware" title="Kirk Ransomware">Kirk</a></li> <li><a href="/wiki/LogicLocker" title="LogicLocker">LogicLocker</a></li> <li><a href="/wiki/Rensenware" title="Rensenware">Rensenware</a></li> <li><a href="/wiki/Triton_(malware)" title="Triton (malware)">Triton</a></li> <li><a href="/wiki/WannaCry_ransomware_attack" title="WannaCry ransomware attack">WannaCry</a></li> <li><a href="/wiki/Xafecopy_Trojan" title="Xafecopy Trojan">XafeCopy</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2018</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/VPNFilter" title="VPNFilter">VPNFilter</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2019</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Grum_botnet" title="Grum botnet">Grum</a></li> <li><a href="/wiki/Joanap" title="Joanap">Joanap</a></li> <li><a href="/wiki/NetTraveler" title="NetTraveler">NetTraveler</a></li> <li><a href="/wiki/Chaos_Computer_Club#Staatstrojaner_affair" title="Chaos Computer Club">R2D2</a></li> <li><a href="/wiki/Tiny_Banker_Trojan" title="Tiny Banker Trojan">Tinba</a></li> <li><a href="/wiki/Titanium_(malware)" title="Titanium (malware)">Titanium</a></li> <li><a href="/wiki/ZeroAccess_botnet" title="ZeroAccess botnet">ZeroAccess botnet</a></li></ul> </div></td></tr></tbody></table><div></div></td></tr></tbody></table></div> <!-- NewPP limit report Parsed by mw‐web.codfw.main‐697bc6cbd6‐b4ps6 Cached time: 20250331131741 Cache expiry: 2592000 Reduced expiry: false Complications: [vary‐revision‐sha1, show‐toc] CPU time usage: 0.328 seconds Real time usage: 0.414 seconds Preprocessor visited node count: 1594/1000000 Post‐expand include size: 91806/2097152 bytes Template argument size: 1496/2097152 bytes Highest expansion depth: 12/100 Expensive parser function count: 3/500 Unstrip recursion depth: 1/20 Unstrip post‐expand size: 68597/5000000 bytes Lua time usage: 0.189/10.000 seconds Lua memory usage: 5535893/52428800 bytes Number of Wikibase entities loaded: 0/400 --> <!-- Transclusion expansion time report (%,ms,calls,template) 100.00% 335.047 1 -total 40.13% 134.462 1 Template:Reflist 26.47% 88.678 3 Template:Navbox 25.52% 85.508 1 Template:Hacking_in_the_2010s 17.80% 59.646 1 Template:Cite_book 17.75% 59.458 1 Template:Short_description 10.70% 35.866 12 Template:Cite_web 10.53% 35.264 2 Template:Pagetype 6.27% 21.016 1 Template:For 4.64% 15.539 5 Template:Main_other --> <!-- Saved in parser cache with key enwiki:pcache:33515297:|#|:idhash:canonical and timestamp 20250331131741 and revision id 1283270442. Rendering was triggered because: page-view --> </div><!--esi <esi:include src="/esitest-fa8a495983347898/content" /> --><noscript><img src="https://auth.wikimedia.org/loginwiki/wiki/Special:CentralAutoLogin/start?useformat=desktop&amp;type=1x1&amp;usesul3=1" alt="" width="1" height="1" style="border: none; position: absolute;"></noscript> <div class="printfooter" data-nosnippet="">Retrieved from "<a dir="ltr" href="https://en.wikipedia.org/w/index.php?title=Duqu&amp;oldid=1283270442">https://en.wikipedia.org/w/index.php?title=Duqu&amp;oldid=1283270442</a>"</div></div> <div id="catlinks" class="catlinks" data-mw="interface"><div id="mw-normal-catlinks" class="mw-normal-catlinks"><a href="/wiki/Help:Category" title="Help:Category">Categories</a>: <ul><li><a href="/wiki/Category:Rootkits" title="Category:Rootkits">Rootkits</a></li><li><a href="/wiki/Category:Privilege_escalation_exploits" title="Category:Privilege escalation exploits">Privilege escalation exploits</a></li><li><a href="/wiki/Category:Cryptographic_attacks" title="Category:Cryptographic attacks">Cryptographic attacks</a></li><li><a href="/wiki/Category:Exploit-based_worms" title="Category:Exploit-based worms">Exploit-based worms</a></li><li><a href="/wiki/Category:Cyberwarfare" title="Category:Cyberwarfare">Cyberwarfare</a></li><li><a href="/wiki/Category:2011_in_computing" title="Category:2011 in computing">2011 in computing</a></li><li><a href="/wiki/Category:Cyberwarfare_in_Iran" title="Category:Cyberwarfare in Iran">Cyberwarfare in Iran</a></li><li><a href="/wiki/Category:Cyberattacks_on_energy_sector" title="Category:Cyberattacks on energy sector">Cyberattacks on energy sector</a></li><li><a href="/wiki/Category:Hacking_in_the_2010s" title="Category:Hacking in the 2010s">Hacking in the 2010s</a></li></ul></div><div id="mw-hidden-catlinks" class="mw-hidden-catlinks mw-hidden-cats-hidden">Hidden categories: <ul><li><a href="/wiki/Category:Webarchive_template_wayback_links" title="Category:Webarchive template wayback links">Webarchive template wayback links</a></li><li><a href="/wiki/Category:Articles_with_short_description" title="Category:Articles with short description">Articles with short description</a></li><li><a href="/wiki/Category:Short_description_is_different_from_Wikidata" title="Category:Short description is different from Wikidata">Short description is different from Wikidata</a></li><li><a href="/wiki/Category:Use_dmy_dates_from_August_2016" title="Category:Use dmy dates from August 2016">Use dmy dates from August 2016</a></li></ul></div></div> </div> </main> </div> <div class="mw-footer-container"> <footer id="footer" class="mw-footer" > <ul id="footer-info"> <li id="footer-info-lastmod"> This page was last edited on 31 March 2025, at 13:17<span class="anonymous-show">&#160;(UTC)</span>.</li> <li id="footer-info-copyright">Text is available under the <a href="/wiki/Wikipedia:Text_of_the_Creative_Commons_Attribution-ShareAlike_4.0_International_License" title="Wikipedia:Text of the Creative Commons Attribution-ShareAlike 4.0 International License">Creative Commons Attribution-ShareAlike 4.0 License</a>; additional terms may apply. By using this site, you agree to the <a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Terms_of_Use" class="extiw" title="foundation:Special:MyLanguage/Policy:Terms of Use">Terms of Use</a> and <a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy" class="extiw" title="foundation:Special:MyLanguage/Policy:Privacy policy">Privacy Policy</a>. Wikipedia® is a registered trademark of the <a rel="nofollow" class="external text" href="https://wikimediafoundation.org/">Wikimedia Foundation, Inc.</a>, a non-profit organization.</li> </ul> <ul id="footer-places"> <li id="footer-places-privacy"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy">Privacy policy</a></li> <li id="footer-places-about"><a href="/wiki/Wikipedia:About">About Wikipedia</a></li> <li id="footer-places-disclaimers"><a href="/wiki/Wikipedia:General_disclaimer">Disclaimers</a></li> <li id="footer-places-contact"><a href="//en.wikipedia.org/wiki/Wikipedia:Contact_us">Contact Wikipedia</a></li> <li id="footer-places-wm-codeofconduct"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Universal_Code_of_Conduct">Code of Conduct</a></li> <li id="footer-places-developers"><a href="https://developer.wikimedia.org">Developers</a></li> <li id="footer-places-statslink"><a href="https://stats.wikimedia.org/#/en.wikipedia.org">Statistics</a></li> <li id="footer-places-cookiestatement"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Cookie_statement">Cookie statement</a></li> <li id="footer-places-mobileview"><a href="//en.m.wikipedia.org/w/index.php?title=Duqu&amp;mobileaction=toggle_view_mobile" class="noprint stopMobileRedirectToggle">Mobile view</a></li> </ul> <ul id="footer-icons" class="noprint"> <li id="footer-copyrightico"><a href="https://www.wikimedia.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><picture><source media="(min-width: 500px)" srcset="/static/images/footer/wikimedia-button.svg" width="84" height="29"><img src="/static/images/footer/wikimedia.svg" width="25" height="25" alt="Wikimedia Foundation" lang="en" loading="lazy"></picture></a></li> <li id="footer-poweredbyico"><a href="https://www.mediawiki.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><picture><source media="(min-width: 500px)" srcset="/w/resources/assets/poweredby_mediawiki.svg" width="88" height="31"><img src="/w/resources/assets/mediawiki_compact.svg" alt="Powered by MediaWiki" lang="en" width="25" height="25" loading="lazy"></picture></a></li> </ul> </footer> </div> </div> </div> <div class="vector-header-container vector-sticky-header-container"> <div id="vector-sticky-header" class="vector-sticky-header"> <div class="vector-sticky-header-start"> <div class="vector-sticky-header-icon-start vector-button-flush-left vector-button-flush-right" aria-hidden="true"> <button class="cdx-button cdx-button--weight-quiet cdx-button--icon-only vector-sticky-header-search-toggle" tabindex="-1" data-event-name="ui.vector-sticky-search-form.icon"><span class="vector-icon mw-ui-icon-search mw-ui-icon-wikimedia-search"></span> <span>Search</span> </button> </div> <div role="search" class="vector-search-box-vue vector-search-box-show-thumbnail vector-search-box"> <div class="vector-typeahead-search-container"> <div class="cdx-typeahead-search cdx-typeahead-search--show-thumbnail"> <form action="/w/index.php" id="vector-sticky-search-form" class="cdx-search-input cdx-search-input--has-end-button"> <div class="cdx-search-input__input-wrapper" data-search-loc="header-moved"> <div class="cdx-text-input cdx-text-input--has-start-icon"> <input class="cdx-text-input__input" type="search" name="search" placeholder="Search Wikipedia"> <span class="cdx-text-input__icon cdx-text-input__start-icon"></span> </div> <input type="hidden" name="title" value="Special:Search"> </div> <button class="cdx-button cdx-search-input__end-button">Search</button> </form> </div> </div> </div> <div class="vector-sticky-header-context-bar"> <nav aria-label="Contents" class="vector-toc-landmark"> <div id="vector-sticky-header-toc" class="vector-dropdown mw-portlet mw-portlet-sticky-header-toc vector-sticky-header-toc vector-button-flush-left" > <input type="checkbox" id="vector-sticky-header-toc-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-sticky-header-toc" class="vector-dropdown-checkbox " aria-label="Toggle the table of contents" > <label id="vector-sticky-header-toc-label" for="vector-sticky-header-toc-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-listBullet mw-ui-icon-wikimedia-listBullet"></span> <span class="vector-dropdown-label-text">Toggle the table of contents</span> </label> <div class="vector-dropdown-content"> <div id="vector-sticky-header-toc-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <div class="vector-sticky-header-context-bar-primary" aria-hidden="true" ><span class="mw-page-title-main">Duqu</span></div> </div> </div> <div class="vector-sticky-header-end" aria-hidden="true"> <div class="vector-sticky-header-icons"> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-talk-sticky-header" tabindex="-1" data-event-name="talk-sticky-header"><span class="vector-icon mw-ui-icon-speechBubbles mw-ui-icon-wikimedia-speechBubbles"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-subject-sticky-header" tabindex="-1" data-event-name="subject-sticky-header"><span class="vector-icon mw-ui-icon-article mw-ui-icon-wikimedia-article"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-history-sticky-header" tabindex="-1" data-event-name="history-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-history mw-ui-icon-wikimedia-wikimedia-history"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only mw-watchlink" id="ca-watchstar-sticky-header" tabindex="-1" data-event-name="watch-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-star mw-ui-icon-wikimedia-wikimedia-star"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-edit-sticky-header" tabindex="-1" data-event-name="wikitext-edit-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-wikiText mw-ui-icon-wikimedia-wikimedia-wikiText"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-ve-edit-sticky-header" tabindex="-1" data-event-name="ve-edit-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-edit mw-ui-icon-wikimedia-wikimedia-edit"></span> <span></span> </a> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only" id="ca-viewsource-sticky-header" tabindex="-1" data-event-name="ve-edit-protected-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-editLock mw-ui-icon-wikimedia-wikimedia-editLock"></span> <span></span> </a> </div> <div class="vector-sticky-header-buttons"> <button class="cdx-button cdx-button--weight-quiet mw-interlanguage-selector" id="p-lang-btn-sticky-header" tabindex="-1" data-event-name="ui.dropdown-p-lang-btn-sticky-header"><span class="vector-icon mw-ui-icon-wikimedia-language mw-ui-icon-wikimedia-wikimedia-language"></span> <span>10 languages</span> </button> <a href="#" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--action-progressive" id="ca-addsection-sticky-header" tabindex="-1" data-event-name="addsection-sticky-header"><span class="vector-icon mw-ui-icon-speechBubbleAdd-progressive mw-ui-icon-wikimedia-speechBubbleAdd-progressive"></span> <span>Add topic</span> </a> </div> <div class="vector-sticky-header-icon-end"> <div class="vector-user-links"> </div> </div> </div> </div> </div> <div class="mw-portlet mw-portlet-dock-bottom emptyPortlet" id="p-dock-bottom"> <ul> </ul> </div> <script>(RLQ=window.RLQ||[]).push(function(){mw.config.set({"wgHostname":"mw-web.codfw.main-68fb9bc488-bzzq9","wgBackendResponseTime":140,"wgPageParseReport":{"limitreport":{"cputime":"0.328","walltime":"0.414","ppvisitednodes":{"value":1594,"limit":1000000},"postexpandincludesize":{"value":91806,"limit":2097152},"templateargumentsize":{"value":1496,"limit":2097152},"expansiondepth":{"value":12,"limit":100},"expensivefunctioncount":{"value":3,"limit":500},"unstrip-depth":{"value":1,"limit":20},"unstrip-size":{"value":68597,"limit":5000000},"entityaccesscount":{"value":0,"limit":400},"timingprofile":["100.00% 335.047 1 -total"," 40.13% 134.462 1 Template:Reflist"," 26.47% 88.678 3 Template:Navbox"," 25.52% 85.508 1 Template:Hacking_in_the_2010s"," 17.80% 59.646 1 Template:Cite_book"," 17.75% 59.458 1 Template:Short_description"," 10.70% 35.866 12 Template:Cite_web"," 10.53% 35.264 2 Template:Pagetype"," 6.27% 21.016 1 Template:For"," 4.64% 15.539 5 Template:Main_other"]},"scribunto":{"limitreport-timeusage":{"value":"0.189","limit":"10.000"},"limitreport-memusage":{"value":5535893,"limit":52428800}},"cachereport":{"origin":"mw-web.codfw.main-697bc6cbd6-b4ps6","timestamp":"20250331131741","ttl":2592000,"transientcontent":false}}});});</script> <script type="application/ld+json">{"@context":"https:\/\/schema.org","@type":"Article","name":"Duqu","url":"https:\/\/en.wikipedia.org\/wiki\/Duqu","sameAs":"http:\/\/www.wikidata.org\/entity\/Q911654","mainEntity":"http:\/\/www.wikidata.org\/entity\/Q911654","author":{"@type":"Organization","name":"Contributors to Wikimedia projects"},"publisher":{"@type":"Organization","name":"Wikimedia Foundation, Inc.","logo":{"@type":"ImageObject","url":"https:\/\/www.wikimedia.org\/static\/images\/wmf-hor-googpub.png"}},"datePublished":"2011-10-24T13:46:48Z","dateModified":"2025-03-31T13:17:30Z","headline":"Wikimedia disambiguation page"}</script> </body> </html>