Microsoft’s Terry Zink sums up his “20 minutes of research” on Duqu:
On page 18 of that report, they list similarities between Stuxnet and Duqu. But how many generic pieces of malware have those same similarities as Stuxnet? Is this just an example of the Barnum effect (like that one South Park episode where Stan Marsh talked to the dead and John Edward won the BDIU award)? For all I know, half the malware out there can be classified as similar to Stuxnet.
Are Stuxnet and Duqu related? I don’t know.
Symantec calls the malware “The precursor to the next Stuxnet”. Good malware analysis marketing.
Duqu’s purpose is to gather intelligence data and assets from entities such as industrial control system manufacturers in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility.