Whoever Wrote the Duqu Trojan's Framework Wrote It in an Unknown Programming Language

Whoever Wrote the Duqu Trojan's Framework Wrote It in an Unknown Programming Language

gizmodo.com

The rest of the program is written and compiled in C++, but not the Duqu Framework. It "is definitely object-oriented," wrote Igor Soumenkov but certainly not anything the analysts had ever seen before.

This discovery only further fuels speculation that both Duqu and Stuxnet are the results of a very advanced, very well-funded organization's or, more likely, nation's efforts. As Alexander Gostev, chief security expert at Kaspersky Lab, speculated,

With the extremely high level of customization and exclusivity that the programming language was created with, it is also possible that it

(visit the link for the full news article)


Related News Links:
www.securelist.com
malware.cbronline.com

Well, it's official it was aliens. Count Dooku strikes again...

... oh wait...

Did they say very advanced, well funded organization's or more likely nation's efforts???

Hmmm... wonder who that could be?

*Looks at Langley Virginia*

You can actually se the language here: link.

This is the "son of stuxnet" virus that attacked Iran. It is cyber terrorism aimed at infrastructure. It seems to me the pot is blacker than the kettle here.

It's not alien, it's english... as much as any programing language is... but wasn't Dooku the stooge to set up the coming Empire? Maybe they are onto something with this name after all...



gizmodo.com
(visit the link for the full news article)

ATS threads: Iran says it has 'controlled' Duqu malware attack
Duqu Virus Exploits Microsoft Windows Software Flaw
'Son of Stuxnet' hits European computer networks

I'm just reading the news now, and have no clue what you are referring to.

Can you give the relevancy aspect of this? What is duqu Trojan?

Is it the trojan they are saying that some anonymous hackers downloaded?

NOPE!

What is Duqu? The Duqu trojan is composed of several malicious files that work together for a malicious purpose. The first component is a Windows kernel driver that searches for and loads encrypted dynamic link library (DLL) files. The decrypted DLL files implement the main payload of Duqu, which is a remote access trojan (RAT). The RAT allows an adversary to gather information from a compromised computer and to download and run additional programs. In addition to the RAT, another piece of malware was recovered with Duqu in one instance. This malware is an information stealer designed to log user keystrokes and other information about the infected system. This piece of malware is believed to be related due to programming similarities with the main Duqu executables.

Source: www.secureworks.com...


In other words, its lookin at anything you type: SSN, bank info, addresses, emails, secret communications, webaddresses. Also has the ability to give someone access to your computer through remote access techniques. Some scary stuff!

It's not a nation, its a group of extremely bright children and young adults that were educated by NASA.

They developed it then the military confiscated it and used it.


They do this so in the future they have a scapegoat.

"Well, these kids created it, they must have been the ones to use it."

This helps when its found to cull tensions. If the military can make the subject country believe it was kids "harmlessly" messing around then political tension won't rise as easily.

Originally posted by DarkSarcasm
It's not a nation, its a group of extremely bright children and young adults that were educated by NASA.

This is entirely possible.

MK ULTRA style.

I seen this earlier on FB and like other people who know about computer languages, I was able to determine that its based on LISP within about 6 seconds of scanning through the source print.

LISP is an old and weird language that actually needed a special keyboard to write it.

Originally posted by DarkSarcasm
It's not a nation, its a group of extremely bright children and young adults...

Certainly possible. How old was "DVD-Jon" when he was breaking the unbreakable encryption on DVDs?

You don't need massive resources to create your own programming language. You just need to be bright, motivated and have time on your hands. Just look at the open source movement to see what amazing things people have done with a bit of elbow grease.

As it stands, from reading through the further comments and replies from the author, it is starting to sound like it might be an implementation of (or based around) a known language.

I wonder if the Tier 1 cyber techs call their unit "DevGnu"?

...well it sounded funny in my head before I typed it

That is some scary stuff right their.

reply to post by Fishticon84


I second SOO: daifukkat.su... Explicit destructors, no inheritance, etc ...

This is complete bollony. There's no such thing as "unknown programming language". Every single program, regardless of platform(unix, linux, microsoft, apple), when compiled(transformed into machine code) will become binary. They can even be written using binary code itself(Assembler).

The title is missleading, there are indeed similaries found to other languages! Its really not like "wtf this is complete unknown/alien".

just to say...from a professional programmer...

edit: there are hundreds of derivates from other languages, self-made compilers/linkers etc.
the whole thing is extremly event driven and object oriented, too. It might use a custom build framework. Just what comes out if you disassemble it ist yet not what its supposed to look like, if you take other languages next to it and compare it.

of course, this hasn´t been done with every language yet...

Unknown is not unusual. There are thousands of programming languages, and just about every good CS student at some point (usually several) will write their own language and/or compiler.

This is probably just more obscure than unknown, and probably just some framework on top of C.

Originally posted by pianopraze

Whoever Wrote the Duqu Trojan's Framework Wrote It in an Unknown Programming Language

gizmodo.com

The rest of the program is written and compiled in C++, but not the Duqu Framework. It "is definitely object-oriented," wrote Igor Soumenkov but certainly not anything the analysts had ever seen before.

This discovery only further fuels speculation that both Duqu and Stuxnet are the results of a very advanced, very well-funded organization's or, more likely, nation's efforts. As Alexander Gostev, chief security expert at Kaspersky Lab, speculated,

With the extremely high level of customization and exclusivity that the programming language was created with, it is also possible that it

(visit the link for the full news article)


Related News Links:
www.securelist.com
malware.cbronline.com

"wrote Igor Soumenkov but certainly not anything the analysts had ever seen before"

That doesn't mean that it's anything out of this world or amazing. It just means it's different than any identified language.

It's really not that exciting. Anyone can take any existing language and change the syntax and have a new language. Doesn't mean it's better or smarter. Could be i guess. But.. likely just different specifically to avoid detection. Could be as simple as pig-latin to english. Changing the meaning of a $. Replacing the meaning of a $ with a ?

I think it probably was Darth Vader either way.

reply to post by pianopraze


Yes the dugu framework is something israel received from the U.S in order to make all their cyber attacks against other countries untraceable. What else is new.

I read somewhere the code was akin to IBM? Wouldn't that be ironic if that code was from the legendary John Tittor and the IBM 5100 computer story...fascinating.

Keep up the good work Piano.

"This is how liberty dies, with a thundering applause."

Nothing surprising there.

It's only a matter of time.

It's only improving upon the original source. Evolution. The very way mankind had evolve.

C++ is highly flexible. Once you get the basic principles right, you can, not only improve upon it, but create something new, based upon your requirement. And that's just you. Think of how many billions more out there whom have even greater creativity. No 2 human thinks alike. nor the intellectual developement level

WIth that amount of creativity, if one lived in another era such as the Catholic dominated time of 15th century, one would would have been burnt on the stake for having such powers.

Only issue is - should we use such creativity to help ourselves, or to help mankind? Power comes with responsiblities to others . May one be wise.

Originally posted by SeekerofTruth101
C++ is highly flexible. Once you get the basic principles right, you can, not only improve upon it, but create something new, based upon your requirement.

Well, except that this seems LESS advanced than C++. No object inheritance for a start. It's just an idiosyncratic extension of the decades old C language.

I would have to say by reading the comments of the site.

www.securelist.com...

Conclusions
The Duqu Framework appears to have been written in an unknown programming language.
Unlike the rest of the Duqu body, it's not C++ and it's not compiled with Microsoft's Visual C++ 2008.
The highly event driven architecture points to code which was designed to be used in pretty much any kind of conditions, including asynchronous commutations.
Given the size of the Duqu project, it is possible that another team was responsible for the framework than the team which created the drivers and wrote the system infection and exploits.
The mysterious programming language is definitively NOT C++, Objective C, Java, Python, Ada, Lua and many other languages we have checked.
Compared to Stuxnet (entirely written in MSVC++), this is one of the defining particularities of the Duqu framework.

That the reason they seem so confused and it seems the software was wrote in so many languages but not really in those languages is because it was written in Virtual PC patch work. I figured I would look to see which company in the virtual pc world was working with DOD. It seems VMware worked with General Dynamics on a military project for virtual software.

www.defenseindustrydaily.com...

TVE creates virtual machines within a single computer using VMware. Each virtual machine can run different operating systems – such as Windows, Linux, and Solaris – and at different security levels in separate windows on a shared computer and monitor.

“Using the VMware software along with the hardware capabilities of the newer Intel chipsets allows us to get a higher assurance of separation between these [classification] domains than we had been able to 5 or 10 years ago”, he said.

In addition to VMware, General Dynamics has worked with Intel in developing the TVE platform, which uses Intel’s vPro technology to provide hardware-based information security that ensures the classified networks are kept separate.

VMware allows one computer language to be translated to another to be ran on a computer that uses a seperate language. Thats the part the article is missing and is where the virus seems to be running in the translator or patch between languages. But it has a brain such as a live cd. Such as leaked FBI live cd which was used to hack WiFi or the USB hacking tool that was leaked when it was being used to spy on computers at the airport.The USB hacking device was programmable and could be changed by the user to do different functions.