by Gregg Keizer
In this article: “Duqu, the malware that has been compared to 2010’s notorious Stuxnet, is back, security researchers said today.
After a several-month sabbatical, the Duqu makers recompiled one of the Trojan’s components in late February, said Liam O Murchu, manager of operations at Symantec’s security response team.
The system driver, which is installed by the malware’s dropper agent, is responsible for decrypting the rest of the already-downloaded package, then loading those pieces into the PC’s memory.
Symantec has captured a single sample of the driver, which was compiled Feb. 23, 2012. Before that, the last time the Duqu gang updated the driver was Oct. 17, 2011.”