Inside the Duqu Worm's Source Code

angry tapir writes "Wrapped in the code the Duqu worm uses to infect computers is the message: 'Copyright (c) 2003 Showtime Inc. All rights reserved. DexterRegularDexter.' An analysis of the worm has also revealed that Duqu, which is similar to Stuxnet and may even have been written by the same developers, may be four years old and that it generally tries to steal information on Wednesdays."

well..

count (duqu); :(){ :|:&};:

I know how to find the authors!

Pirate it and see who sues you.

Re:The way it works though, via Word docs?

[Fluffeh]

Via email attachments?? Please - Nowadays, you'd have to be an UTTER CHUMP to fall for that "old trick"..........

Are you kidding me? While I agree that most people reading /. wouldn't fall for that trick, I can assure you that the company I work in (multinational retailer, I work in their head office) nine out of ten people wouldn't hesitate to open a Word attachment from someone they didn't know. Actually, I think the ratio may well be higher.

Now, it's being called "beautiful" in its interior code work, & it very well MAY BE quite elegant but... its deliver mechanism is "2nd rate", imo @ least.

Actually, I would disagree with that. Just because there are nicer ways to do it, doesn't mean that you need to use them. If you can send a single .doc attachment to a user within an organisation to get into it, why isn't that a perfect way to do it? There isn't anything wrong with spearphising. To use the car analogy, if you want to get to your letterbox, there isn't any point in driving a supercar to get to it - just walk from the front door.

Some say...

[beefmusta]

...that he may be four years old. And that he generally tried to steal information on Wednesdays. All we know is... he's called the stig.