The Duqu Trojan is composed of several Malicious files that work together for a Malicious purpose. Duqu appears to be more narrowly targeted than Stuxnet as researchers estimate the new trojan virus has infected at most dozens of machines so far. By comparison, Stuxnet spread much more quickly, popping up on thousands of computer systems. Security firms including Dell Inc's SecureWorks, Intel Corp's McAfee, Kaspersky Lab and Symantec say they found Duqu victims in Europe, Iran, Sudan and the United States. They declined to provide their identities.
Duqu so named because it creates files with "DQ" in the prefix -- was designed to steal secrets from the computers it infects, researchers said, such as design documents from makers of highly sophisticated valves, motors, pipes and switches. Duqu and Stuxnet both use a kernel driver to decrypt and load encrypted DLL (Dynamic Load Library) files. The kernel drivers serve as an "injection" engine to load these DLLs into a specific process. This technique is not unique to either Duqu or Stuxnet and has been observed in other unrelated threats.