Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Security Worms IT

Inside the Duqu Worm's Source Code 157

Posted by samzenpus from the taking-a-closer-look dept.
angry tapir writes "Wrapped in the code the Duqu worm uses to infect computers is the message: 'Copyright (c) 2003 Showtime Inc. All rights reserved. DexterRegularDexter.' An analysis of the worm has also revealed that Duqu, which is similar to Stuxnet and may even have been written by the same developers, may be four years old and that it generally tries to steal information on Wednesdays."
This discussion has been archived. No new comments can be posted.

Inside the Duqu Worm's Source Code More

Inside the Duqu Worm's Source Code

Comments Filter:

  • If only my boss had said such nice things about me (Score:5, Insightful)

    by DrVomact ( 726065 ) on Monday November 14, 2011 @02:27AM (#38045774) Journal

    From the article:

    The evidence points to a high level of sophistication. "The exploit used to infect victims with Duqu is incredibly well written, beautiful in a sense," Raiu said. "The Duqu authors are top-class exploit writers."

    If I were the author(s) of this piece of malware, I'd get a real warm fuzzy feeling reading those words. So they're skillful. But they're also destructive jerks—yet the author of the piece has nothing to say about their character. Heck, they're celebrities, and that's all that matters any more.

    Of course they're good. There is big money in writing malware; the nerd-lords of cybercrime can afford to hire the very best coders, and keep them knee-deep in twinkie wrappers. It's not script kiddies anymore (except those who are just practicing to get a real job writing serious malware, or maybe demonstrating the appropriate skills for potential employers); this is a profession now. Given the absence of any sense of morality among the most intelligent of our young people, money buys all the talent the criminals need. But these guys will work for anybody who has money. The TLAs of the government, for instance. Or non-governmental agencies with an interest in destruction. There is nothing more dangerous than smart people without a moral compass.

    Sort of reminds me of Oppenheimer's comment about H-bomb technology as being "technically sweet".

  • Duqu doesn't work that way. (Score:2, Insightful)

    by Anonymous Coward on Monday November 14, 2011 @03:47AM (#38046108)

    This is not a Word macro. It's not even a Word bug. It's a font rendering bug IN THE KERNEL that can be triggered by anything that lets you embed a custom font. Web pages can contain custom fonts. PDF files can contain custom fonts.

    Oh, they also have a properly signed driver, and they disable antivirus/antimalware.

  • Re:If only my boss had said such nice things about (Score:5, Insightful)

    by thsths ( 31372 ) on Monday November 14, 2011 @04:03AM (#38046174)

    > There is nothing more dangerous than smart people without a moral compass.

    That's funny, because it seems that is exactly the combination you need to be successful nowadays...

  • wtf... (Score:4, Insightful)

    by snero3 ( 610114 ) on Monday November 14, 2011 @05:49AM (#38046486) Homepage

    "The Duqu gang has an affinity for Wednesdays,"Raiu said. "They have repeatedly attempted to steal information from these systems on Wednesdays. This probably indicates a strong routine, almost military type."

    or they are just fucking with you!

Slashdot Top Deals

On the eighth day, God created FORTRAN.

Close