Johannesburg - Symantec has discovered a new Stuxnet-like targeted threat called Duqu [dyü-kyü].
The internet security firm is in the midst of analysing a newly discovered targeted threat that shares a great deal of code in common with the infamous Stuxnet malware.
Of note, it is apparent to Symantec that the authors of this new threat, dubbed Duqu, had access to the Stuxnet source code, not just Stuxnet binaries. Thus, it is possible Duqu was created by the same attackers that created Stuxnet.
Duqu's purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party.
The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility. Thus, Duqu is essentially the precursor to a future Stuxnet-like attack.
More details can be found in the following Symantec blog post: http://www.symantec.com/connect/w32_duqu_precursor_next_stuxnet.