Lumension® Endpoint Intelligence Center


Duqu 2.0 used stolen digital certificate in attacks

2015/06/15

Securityweek - (International) Security researchers at Kaspersky Lab reported that the attackers behind the Duqu 2.0 malware identified in worldwide attacks in June used a stolen valid digital signature from Hon Hai Precision Industry Co., LTD/Foxconn Technology Group to sign a driver that masked command-and-control (C&C) traffic and ensured the persistence of the malware. The attackers reportedly installed the malicious drivers on firewalls, gateways, and servers with direct internet access as well as corporate network access.

Source: http://www.securityweek.com/duqu-20-used-stolen-digital-certificate-attacks-kaspersky-lab

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:29