Researchers Seek Help In Solving DuQu Mystery Language
An anonymous reader writes "DuQu, the malicious code that followed in the wake of the infamous Stuxnet code, has been analyzed nearly as much as its predecessor. But one part of the code remains a mystery, and researchers are asking programmers for help in solving it. The mystery concerns an essential component of the malware that communicates with command-and-control servers and has the ability to download additional payload modules and execute them on infected machines."
It looks to me to be the output from the PLC compiler. Clear, count, and compare are basic ladder logic commands.
If you figure out which PLCs the Iranians are using, that'll give you the compiler; each brand has its own, and you're really unlikely to see it if you haven't used it. How many people here have used DirectSoft? Have you seen Schneider's programming interface?
That would explain why the researchers haven't seen it. You rarely use PLCs outside of industry.
---
ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.