iranview
© V3
A senior figure in the Iranian government has revealed that the Duqu malware has infected machines in the region, although he claimed that the attack is under control, according to reports.

Civil defence minister Brigadier General General Gholamreza Jalali reportedly told the state-run Islamic Republican News Agency that IT experts are "in the initial phase of fighting the virus", although he did not reveal whether the Trojan had managed to infect systems at the country's nuclear facilities.

"The final report that says which organisations the virus has spread to and what its impacts are has not been completed yet," he is reported as saying.

"All the organisations and centres that could be susceptible to being contaminated are being controlled."

Duqu leapt to prominence a few weeks ago when Hungarian researchers discovered malware which shared much of the same code as the infamous Stuxnet worm - an attack largely believed to have been crafted specifically by a nation state to disrupt Iran's nuclear programme.

Some experts had suggested that the two pieces of malware are very similar and could share the same authors.

However, Duqu differs from Stuxnet in that the latter was crafted to target Siemens industrial control systems and effectively disrupt their operation, while Duqu takes advantage of a zero-day vulnerability in the Win32k TrueType font parsing engine to gather intelligence and data on industrial systems.

As such it could be seen more as a precursor to a Stuxnet-like attack.

Researchers from CrySyS, the team that is believed to have first discovered the Trojan, released an open source toolkit last week designed to help organisations detect Duqu on their networks.