Duqu virus continues to puzzle security experts

Server image from Web Werks might lead investigators to determine who built Duqu and how it can be used

Indian authorities are investigating a computer server in Mumbai for links to the Duqu malicious software that some security experts warned could be the next big cyber threat, says a report by Reuters.

According to the report, Mumbai-based hosting provider Web Werks gave an image of the suspicious virtual private server to officials from the Indian Computer Emergency Response Team (CERT-In). This followed a finding by Symantec that the server was communicating with computers infected with the Duqu virus.

The virtual private server was leased to a client in Milan, Italy, according to Nikhil Rathi, founder of Web Werks. Reuters quotes him as saying: "This is an unmanaged server. So, you just make it and let the customer access it. When you hand over a server to a customer, that's it, it's his. He can change his password and do whatever he wants with it."

News of Duqu broke on October 18 when Symantec said in a report that a research lab with international connections had alerted it to a mysterious computer virus that "appeared to be very similar to Stuxnet," a piece of malicious software believed to have wreaked havoc on Iran's nuclear program.

The image from Web Werks, a privately held company in Mumbai with about 200 employees, might hold valuable data to help investigators determine who built Duqu and how it can be used. But putting the pieces together is a long and difficult process, experts said.

Kim Domingo

