The virus that hackers used to surveil the servers of three European hotels hosting talks between Iran and the West is capable of far more than just peeking at information, an expert revealed Thursday.
The virus, Duqu 2.0, can steal a wealth of information far beyond what a run-of-the-mill virus can, according to Treadstone 71 CIO Jeff Bardin.
“Since Duqu uses root capabilities and exploits vulnerabilities that allow for an elevation of privileges, Duqu can be used to install other code that can keystroke log, record conversations, record video, extract files, track any activity that occurs on the infected Windows PC or laptop,” Bardin explained to Business Insider. “This includes the capturing of user IDs, passwords, and sensitive files.”
“Once the code is installed, most anti-virus software cannot detect or remove this malware. Duqu allows for the complete takeover of the target Windows devices.”
Israel was blamed for the virus found earlier this month, according to the Wall Street Journal’s report Wednesday, due to Duqu’s origins as Israeli code and clues such as names hinting at the Hebrew alphabet.
However, as Israeli officials deny any involvement in the virus, experts have explained that the assumption is also based on the extent of the surveillance Duqu can provide; a second expert told the Insider the virus is on par with the 2012 Stuxnet virus, also linked to Israel.
Experts believe Duqu, first discovered in 2011, is used to carry out Israel’s most delicate intelligence-gathering projects.
Israel also denied spying on talks when the Journal released a similar report in March.
In that report, Israel had been accused of using unspecified means to acquire information “from confidential US briefings, informants and diplomatic contacts in Europe.”