Duqu became known in October when Symantec discovered a virus that used code similar to another virus called Stuxnet. Stuxnet was thought to have been used to disrupt Iran's nuclear program.... I wonder where that came from??
The Techy guardians and cyber police are now trying to understand the virus and stop the spread, hoping it won’t become the biggest threat yet to our corporate and government computer infrastructures.
Microsoft reportedly confirmed that the virus had exploited a bug in the Win32k Truetype font parsing engine to allow it to contaminate machines. It is believed by Anti-Virus experts that the attack was made through emails and affected Word documents. Upon opening the document the virus allows the attacker to take control of the machine, create accounts and traverse the network looking for data. It is thought the code used may have been given to the attackers by the developers of Stuxnet. Microsoft is working on the fix and has provided a temporary workaround as a full security update wont be ready this month.
There will no doubt be a lot more of these attacks as Cybercrime is seen as a way of disrupting governments and high profile infrastructures. Part of me wonders if the saying "it'll come back and bite you on the arse" might be appropriate in this case.