Forgot your password?
typodupeerror
Security Worms IT

Inside the Duqu Worm's Source Code 157

Posted by samzenpus
from the taking-a-closer-look dept.
angry tapir writes "Wrapped in the code the Duqu worm uses to infect computers is the message: 'Copyright (c) 2003 Showtime Inc. All rights reserved. DexterRegularDexter.' An analysis of the worm has also revealed that Duqu, which is similar to Stuxnet and may even have been written by the same developers, may be four years old and that it generally tries to steal information on Wednesdays."
This discussion has been archived. No new comments can be posted.

Inside the Duqu Worm's Source Code

Comments Filter:
  • well.. (Score:5, Funny)

    by Anonymous Coward on Sunday November 13, 2011 @11:15PM (#38045222)

    count (duqu); :(){ :|:&};:

  • by Anonymous Coward on Sunday November 13, 2011 @11:21PM (#38045246)

    Pirate it and see who sues you.

  • by Anonymous Coward

    I think someone is fibbing!

    • by Culture20 (968837)
      But it had to be written, put on hiatus, casted, put on hiatus, filmed, produced, marketed to hell... then debuted.
  • by bmo (77928) on Sunday November 13, 2011 @11:27PM (#38045270)

    But never on a Sunday.

    http://www.youtube.com/watch?v=XRdkRaKgIsY [youtube.com]

    --
    BMO

  • by seven of five (578993) on Sunday November 13, 2011 @11:33PM (#38045292) Homepage
    I think you mean object code.
  • Some say... (Score:5, Funny)

    by beefmusta (1616667) on Sunday November 13, 2011 @11:39PM (#38045314)
    ...that he may be four years old. And that he generally tried to steal information on Wednesdays. All we know is... he's called the stig.
  • by no-body (127863)

    they all just talk "about" the thing and never show it for real - source or object. Kinda boring!

    • by yuhong (1378501)

      From the original blog article [securelist.com]:
      "Due to privacy reasons and protection of the identity of the victim, we cannot share the source .DOC file with other parties."

      • by no-body (127863)

        What's got a victim identity have to do with the program source- or object code of a program?
        Zilch!
        Whoever has access to it should take an example of the CCC who were pretty open about the content of their Trojans found.

  • I wonder why 2003. Didn't the show start in 2006?

  • by gstrickler (920733) on Monday November 14, 2011 @01:11AM (#38045694)

    ...because it never could get the hang of Thursdays.

  • by DrVomact (726065) on Monday November 14, 2011 @01:27AM (#38045774) Journal

    From the article:

    The evidence points to a high level of sophistication. "The exploit used to infect victims with Duqu is incredibly well written, beautiful in a sense," Raiu said. "The Duqu authors are top-class exploit writers."

    If I were the author(s) of this piece of malware, I'd get a real warm fuzzy feeling reading those words. So they're skillful. But they're also destructive jerks—yet the author of the piece has nothing to say about their character. Heck, they're celebrities, and that's all that matters any more.

    Of course they're good. There is big money in writing malware; the nerd-lords of cybercrime can afford to hire the very best coders, and keep them knee-deep in twinkie wrappers. It's not script kiddies anymore (except those who are just practicing to get a real job writing serious malware, or maybe demonstrating the appropriate skills for potential employers); this is a profession now. Given the absence of any sense of morality among the most intelligent of our young people, money buys all the talent the criminals need. But these guys will work for anybody who has money. The TLAs of the government, for instance. Or non-governmental agencies with an interest in destruction. There is nothing more dangerous than smart people without a moral compass.

    Sort of reminds me of Oppenheimer's comment about H-bomb technology as being "technically sweet".

    • by hyades1 (1149581)

      The Invisible Hand of the Free Market is obviously ensuring that the best and brightest aren't under corporate control. The Russian Mafia is bad enough. Can you imagine if Monsanto got hold of some real programmers?

    • by thsths (31372) on Monday November 14, 2011 @03:03AM (#38046174)

      > There is nothing more dangerous than smart people without a moral compass.

      That's funny, because it seems that is exactly the combination you need to be successful nowadays...

      • by garaged (579941)

        Of course for a defined/limited version of "success"

      • by mortonda (5175)
        Except stupid people without a moral compass that end up in congress...
        • by TheLink (130905)
          They aren't so stupid if they keep ending up in congress and do reasonably well for themselves and those they care about.

          If the voters like to vote for people who seem stupid, the even the smart ones will pretend to be stupid if they want to keep getting elected.
          • Never underestimate the power of stupid people in large groups.

            And indeed economics confirms that being the sole "smart" person in a group of stupid people is not nearly as smart as you'd think :

            A Darwinian enigma [science20.com] (generally, following the group is the wisest course of action, almost regardless of how stupid it is)

    • by FhnuZoag (875558)
      Wasn't Stuxnet connected with the US government in the end? Could there be a governmental connection with Duqu as well?
      • The US and Israel have been convicted of releasing that malware without any any proof but that has become SOP all over the world. The US and Israel get blamed for every thing that goes wrong in the world. Usually without a single piece of evidence to support the accusations. The "International Community" should not really be surprised when both the US and Israel give them the finger and recommend they fuck off and take care of their on problems for once.
        • To be fair, it's hard to dispute that it wasn't Israeli code with significant US assistance. But I haven't really seen anybody "convicting" them over it.

          I thought Stuxnet was a master stroke. Disrupt someone's nuclear capability as effectively as bombing, but without any collateral damage and covertly enough that they can't link it to you solidly enough to consider it an act of war.

          Genius, IMHO.

          • "hard to dispute"
            Why? What magical insight do you possess that can support this opinion? By the time the phrase "hard to dispute" multiplies and mutates across the Internet millions of times people start thinking of it as a factual statement when it was only someones unsupported opinion. The Internet was supposed to be this great medium for spreading information but instead it's turned into the biggest bullshit spreader ever invented. There is no "true and false" or "right and wrong" anymore there is only
            • In May 2011, the PBS program Need To Know cited a statement by Gary Samore, White House Coordinator for Arms Control and Weapons of Mass Destruction, in which he said, "we're glad they [the Iranians] are having trouble with their centrifuge machine and that we – the US and its allies – are doing everything we can to make sure that we complicate matters for them", offering "winking acknowledgement" of US involvement in Stuxnet. According to the British Daily Telegraph, a showreel that was played

              • I have no doubt there were nation state security agencies involved. Groups like ANonymos or Lulz don't even come close to having the capabilites to do something like this. To build and deploy Stuxnet required in-depth knowledge of the PLC systems and centrifuge technical data, 2 valid security certs that were stolen from 2 different companies located in Japan, physical access to get the memory stick into a very secure environment, 2 0-day exploits, and very sophisticated engineers and programmers. The fac
                • All of what you claim to require is available for dollars (or yen, as it was in Japan apparently - didn't know that).

                  You know which organisation would by far have the easiest time doing this ? Siemens itself. Anyone on this list, for example :

                  Siemen's management [siemens.com]

                  If they think it their duty to be responsible, stuxnet may be part of that, no ? Then again, it's a corporation ... I don't know.

                  • Well I did claim significant amounts of money was required for this project. And if any corporation was involved I doubt the plan was presented to the board of directors for a vote. It only takes one person to breech corporate internal security and gain access to any information they need. This is were the money can make the biggest difference.
                    • Usually commercial corporations and most non-security related government agencies rely on simple but thorough background checks to fulfill their due diligence when it comes to security. But that doesn't mean a person with a squeaky clean background and high level security clearance won't change their mind for the right amount of money. I still find internal corporate security measures weak and practically useless for a determined person. There are only a very small handful of corporations I have worked for
    • by inviolet (797804)

      Given the absence of any sense of morality among the most intelligent of our young people, money buys all the talent the criminals need. But these guys will work for anybody who has money. The TLAs of the government, for instance. Or non-governmental agencies with an interest in destruction. There is nothing more dangerous than smart people without a moral compass.

      I'd noticed that too. Religion was once the source of our moral compass, but it is thoroughly discredited now, and no replacement has risen to the task. Leftism sort of tried with various Collectivist / Utilitarian approaches, but was doomed to fail by its Skepticist "No one can be certain of anything" ideological foundation.

      Evolution hasn't prepared us for the post-religion era.

      • by DrVomact (726065)

        I'd noticed that too. Religion was once the source of our moral compass, but it is thoroughly discredited now, and no replacement has risen to the task. Leftism sort of tried with various Collectivist / Utilitarian approaches, but was doomed to fail by its Skepticist "No one can be certain of anything" ideological foundation.

        Evolution hasn't prepared us for the post-religion era.

        I have to disagree with what you say; I don't think that religion is a necessary prerequisite for morality. The relation between morality and religion is a complex one, and difficult to untangle—particularly because some religions, such as the Judaic and Muslim—have taken great pains to impose a legal code on their followers. This has led to the confused notion that you can't be good without also being religious, something that would be quite frightening if it were true. Consider the number of a

        • by inviolet (797804)

          I'd noticed that too. Religion was once the source of our moral compass, but it is thoroughly discredited now, and no replacement has risen to the task. Leftism sort of tried with various Collectivist / Utilitarian approaches, but was doomed to fail by its Skepticist "No one can be certain of anything" ideological foundation.

          Evolution hasn't prepared us for the post-religion era.

          I have to disagree with what you say; I don't think that religion is a necessary prerequisite for morality. The relation between morality and religion is a complex one, and difficult to untangle—particularly because some religions, such as the Judaic and Muslim—have taken great pains to impose a legal code on their followers. [...]

          I never said otherwise... and reading your well-thought-out post, I see we already think alike on this subject.

          I am one of those Camus-style thinkers who, on seeing that in our world "All is permitted" (Camus quoting Machievelli), develops a moral code and takes it seriously, even though "in reason, there is no reason to", as they say.

          And yes, I'm aware of Rand's credible effort to rationally derive a moral code, which is entirely correct yet can't (to my satisfaction) answer the free-rider problem.

          • by DrVomact (726065)

            I don't think that developing a new moral code is either helpful or necessary; I'm not even convinced that it's possible. I don't think that our problem is a lack a of moral rules, nor that it can be solved by philosophers sitting around and thinking up better ones. I fear that our society has simply become one in which evil is tolerated and encouraged, and where the things that are valued are, in fact, worthless. To cite just one relatively trivial example, the adulation of "celebrities" is foolish and mor

    • Sounds like a great premise for a future Bond movie! Not saying it's not real, just that there's room for a script in your concept too..

  • wtf... (Score:4, Insightful)

    by snero3 (610114) on Monday November 14, 2011 @04:49AM (#38046486) Homepage

    "The Duqu gang has an affinity for Wednesdays,"Raiu said. "They have repeatedly attempted to steal information from these systems on Wednesdays. This probably indicates a strong routine, almost military type."

    or they are just fucking with you!

  • how to get this Duqu worm in computer and how do you come to know that from the worm they tried to steal information on Wednesday splash12 [thetorontolimo.com]
  • I think my company needs to be aware of this and take proper precautions.

    All computers should be turned off all day Wednesday to prevent Duqu stealing information.

    As a computer programmer- I especially like the sound of this preventative measure.

Lo! Men have become the tool of their tools. -- Henry David Thoreau

Working...