DuQu Mystery Language Solved With the Help of Crowdsourcing
A group of researchers who recently asked the public for help in figuring out a mysterious language used in the DuQu virus have solved the puzzle, thanks to crowdsourcing help from programmers who wrote in to offer suggestions and clues.
The language, which DuQu used to communicate with command-and-control servers, turns out to be a special type of C code compiled with the Microsoft Visual Studio Compiler 2008.
Researchers at Kaspersky Lab, who put out the call for help two weeks ago after failing to figure out the language on their own, said they received more than 200 comments to a blog post they wrote seeking help, and more than 60 direct emails from programmers and others who made suggestions.
DuQu, an espionage tool that followed in the wake of the infamous Stuxnet code, had been analyzed extensively since its discovery last year. But one part of the code remained a mystery: an essential component of the malware that communicates with command-and-control servers and has the ability to download additional payload modules and execute them on infected machines.
Kaspersky researchers were unable to determine the language in which the communication module was written and published a blog post asking programmers for help. Identification of the language would help them build a profile of DuQu's authors.
Continued: www.wired.com/threatlevel/2012/03/duqu-mystery-language-solved/