Skip to main content

Indian Authorities Investigate IT Service Based on Tip from Symantec

Indian anti-cyber crime officials have seized equipment from a server operating in the city of Mumbai as a part an investigation into the Duqu botnet.

According to an article (opens in new tab)on eWeek, officials of India's Department of Technology raided a data center in Mumbai and seized hard drives from a server which was supposed to be the command and control center of the botnet.

The officials were acting on a tip off made by security software maker Symantec, whose researchers discovered the botnet.

Symantec said that as of now, the botnet was being used to create back doors in infected systems to connect to the command and control center. It was being used for information gathering activities.

Symantec also revealed the botnet shared code similarities with the Stuxnet virus, which means that either the same team which developed Stuxnet also created Duqu, or it was built using the Stuxnet source code.

The alleged server belonged to a Mumbai based IT services firm Web Works, whose employees confirmed that Indian officials had seized the hard drives. They also revealed they had no idea how the malware came to infect the system and claimed that the company was not able to track the customer to which the server belonged.