[cryptography] [OT] Reworked Version of Stuxnet Relative Duqu Found in Iran
noloader at gmail.com
Wed Mar 28 23:39:00 EDT 2012
>From "Reworked Version of Stuxnet Relative Duqu Found in Iran,"
Duqu's builders also changed its encryption algorithm and
rigged the malware loader to pose as a Microsoft driver.
(The old driver was signed with a stolen Microsoft certificate.)
Is the stolen certificate related to Diginotar or some other incident?
Microsoft claims Diginotar issued certificates are inert
Perhaps "Stolen encryption key the source of compromised certificate
problem, Symantec says,"
More information about the cryptography