Further analysis of the latest version of Stuxnet indicates the Duqu worm may be attacking certificate authorities in order to obtain legitimate keys to masquerade as a trusted application. –
As Symantec continues its analysis of Duqu, the latest malware targeting industrial control firms and based on the Stuxnet worm, other security researchers believe that certificate authorities are among the affected victims.
Symantec posted its preliminary analysis of the Duqu worm on Oct. 18. …