Duqu 2.0 is a version of malware reported in 2015 to have infected computers in hotels in Austria and Switzerland that were sites of the international negotiations with Iran over its nuclear program and economic sanctions.[1] The malware, which infected Kaspersky Lab for months without their knowledge,[2] is believed to be the work of Unit 8200, an Israeli Intelligence Corps unit of the Israel Defense Forces. The New York Times alleges this breach of Kaspersky in 2014 is what allowed Israel to notify the US of Russian hackers using Kaspersky software to retrieve sensitive data.[3]
Kaspersky discovered the malware, and Symantec confirmed those findings. The malware is a variant of Duqu, and Duqu is a variant of Stuxnet. The software is "linked to Israel", according to The Guardian.[4] The software used three zero-day exploits,[5] and would have required funding and organization consistent with a government intelligence agency.[6]
According to Kaspersky, "the philosophy and way of thinking of the “Duqu 2.0” group is a generation ahead of anything seen in the advanced persistent threats world."[7]