Security researchers at Kaspersky Labs have been able to unlock the secrets of the mysterious code found in the Duqu worm, thanks to a nifty spot of crowdsourcing.
According to Igor Soumenkov of Kaspersky, Duqu's strange command and control communication modules were either written using a custom framework based on an obscure object-oriented dialect of the C programming language, known as OO C, or manually coded using that dialect.
“No matter which of these two variants is true, the implications are impressive,” wrote Soumenkov on a company blog.
Kaspersky had originally asked for help in identifying the mysterious code, having spent months analysing the worm, which was dubbed Stuxnet 2 in some quarters, as the sophisticated code looked to be aimed at industrial-grade cyber espionage operations.
It bore a closer resemblance to code found in “complex 'civil' software projects, rather than contemporary malware,” added Soumenkov.
Kaspersky said more than 200 people provided comments, with a further 60 emailing suggestions, to help it crack the Duqu conundrum.
“There is no easy explanation why OO C was used instead of C++,” said Soumenkov, although he added that it suggests “the code was written by a team of experienced 'old-school' developers.”
Overall, the Duqu code stood out “like a gem from the large mass of 'dumb' malicious programs we normally see,” he added.
Last November, Iranian officials confirmed that the Duqu code had infected computers in the country, although it remains unclear whether those machines were in its nuclear facilities, which were targeted by Stuxnet.