Duqu Trojan Found To Include Mystery Programming Language

Researchers at Kaspersky have reached out for assistance after an investigation into the Duqu Trojan uncovered a section that is written in an unknown programming language.

Believed to be authored by the developers of the Stuxnet malware, traces of Duqu were found as far back as 2007. It gained notoriety after several attacks on Iranian organisations, stealing corporate and operational information.

“Duqu Framework”

The mystery section was found in the Payload DLL, which communicates with the Trojan’s Command and Control (C&C) servers once a machine is infected. Kaspersky’s researchers have dubbed it the “Duqu Framework” and have suggested that the language used may have been solely developed for the specific malware.

While the majority of Duqu is written in C++, the Framework was not and was not compiled with Microsoft’s Visual C++ 2008. Other languages ruled out include Python, Java, Objective C, Ada and Lua.

“Given the size of the Duqu project, it’s possible that an entirely different team was responsible for creating the Duqu Framework as opposed to the team that created the drivers and wrote the system infection exploits,” said Alexander Gostev, chief security expert at Kaspersky Lab, in a statement.

“With the extremely high level of customisation and exclusivity that the programming language was created with, it is also possible that it was made not only to prevent external parties from understanding the cyber-espionage operation and the interactions with the C&Cs, but also to keep it separate from other internal Duqu teams who were responsible for writing the additional parts of the malicious program.”

Kaspersky suggests that the developers were highly skilled and likely had significant financial and labour backing. Details of its findings so far are documented in a blog written by Lab expert Igor Soumankov, who urges the programming community to help decipher the unknown language.

How well do you know Internet security? Try our quiz and find out!

Jiten Karia

Recent Posts

Virgin Media O2 To Invest £700m To ‘Transform’ 4G, 5G Network

Virgin Media O2 confirms it will invest £2m a day for new mobile masts, small…

2 days ago

Tesla Cybertruck Deliveries On Hold Due To Faulty Side Trim

Deliveries of Telsa's 'bulletproof' Cybertruck are reportedly on hold, amid user complaints side trims are…

2 days ago

Apple Plots Live Translation Option For AirPods – Report

New feature reportedly being developed by Apple for iOS 19, that will allow AirPods to…

2 days ago

Binance Token Rises After Trump Stake Report

Binance BNB token rises after WSJ report the Trump family is in talks to secure…

3 days ago

iRobot Admits ‘Substantial Doubt’ Over Continued Operation

After failed Amazon deal, iRobot warns there is “substantial doubt about the Company's ability to…

3 days ago

Meta’s Community Notes To Use X’s Algorithm

Community Notes testing across Facebook, Instagram and Threads to begin next week in US, using…

3 days ago