ID: IRCNE2012031433
Date: 2012-03-11
According to "zdnet", the Duqu Trojan, referred to by some as Stuxnet 2.0, was partly written using an unknown programming language. While security researchers have worked out what the mystery code does, they aren’t sure about the syntax.
Some parts of it, including those for downloading and executing additional modules, were written in standard C++, but a big chunk of it was not. This particular section contains no references to any standard or user-written C++ functions, and may have been created by a different programming team. Security firm Kaspersky says the unusual code is unique to Duqu: many parts are directly borrowed from Stuxnet, but this one is new. The company has named it the Duqu Framework, and has noted that it is not written in C++, Objective C, Java, Python, Ada, Lua, or many other languages it checked. Unlike the rest of Duqu, it also wasn’t compiled with Microsoft’s Visual C++ 2008. All we know is that it’s object-oriented.
The sophistication of the worm is one thing, but the fact that an entirely new programming language may have been created for it points to some seriously deep pockets backing the project.