The Duqu Detector Toolkit v1.01 looks for suspicious files left by Duqu, which has created a buzz in the security community given its stealthy nature and some characteristics it shares with another famous piece of malicious software, Stuxnet.
The Laboratory of Cryptography and System Security (CrySys), part of Budapest University of Technology and Economics based in Hungary, wrote in its release notes that the toolkit, which is composed of four components, looks for strange files that mark an infection.
CrySys said that the toolkit should detect a real active Duqu infection, but it is possible to get a false positive, so it cautioned that administrators will need to analyze the results.
To download the Toolkit: duqu detector
The Laboratory of Cryptography and System Security (CrySys), part of Budapest University of Technology and Economics based in Hungary, wrote in its release notes that the toolkit, which is composed of four components, looks for strange files that mark an infection.
CrySys said that the toolkit should detect a real active Duqu infection, but it is possible to get a false positive, so it cautioned that administrators will need to analyze the results.
To download the Toolkit: duqu detector
No comments:
Post a Comment