The U.S. Department of Homeland Security has issued a public alert after a computer virus similar to the one that attacked nuclear plants in Iran last year was discovered in European security systems.
The new virus, called Duqu, has parts that are "nearly identical" to the Stuxnet virus in Iran and appears to have been written by the same authors or other people with access to the Stuxnet source code, reported security company Symantec in a blog posting Tuesday.
While the Stuxnet virus was designed to sabotage industrial systems, Duqu's purpose appears to be to "gather intelligence and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party," Symantec reported.
For example, Duqu was used to install another program that could record keystrokes.
According to a blog post from McAfee Labs, another security company that has received the code for Duqu, the virus communicates with a command server in India.
Following the reports from Symantec and McAfee, the U.S. Department of Homeland Security issued a public alert through its Industrial Control Systems Cyber Emergency Response Team.
"The full extent of the threat posed by W32.Duqu is currently being evaluated," the alert said. "At this time, no specific mitigations are available; however, organizations should consider taking defensive measures against this threat."
It recommended taking measures such as minimizing network exposure for control system devices, putting control system networks behind firewalls, and using secure methods such as Virtual Private Networks for remotely accessing control devices.
The alert added that while security experts don't yet know how Duqu spreads, "the targeted nature of the threat would make social engineering a likely method of attack."
Social engineering refers to tricking a user into installing malware by delivering it through what appears to be a person or website they trust.
Symantec said attacks using Duqu, a type of malware known as a remote access Trojan, may have been first conducted as early as December 2010. Duqu does not self-replicate to spread and it deletes itself from the system after 36 days. It sends its data in the form of files that look like JPG image files, including some data that is encrypted.