The mystery of Duqu framework solved

From Botnets.fr

Botnet: Duqu
Malware: Duqu (bot)
Date: 2012 / 19 March 2012
Editor/Conference: Kaspersky lab
Link: http://www.securelist.com/en/blog/677/The_mystery_of_Duqu_Framework_solved (Archive copy)
Author: Igor Soumenkov

Abstract

In my previous blogpost about the Duqu Framework, I described one of the biggest remaining mysteries about Duqu – the oddities of the C&C communications module which appears to have been written in a different language than the rest of the Duqu code. As technical experts, we found this question very interesting and puzzling and we wanted to share it with the community.

The feedback we received exceeded our wildest expectations. We got more than 200 comments and 60+ e-mail messages with suggestions about possible languages and frameworks that could have been used for generating the Duqu Framework code. We would like to say a big ‘Thank you!’ to everyone who participated in this quest to help us identify the mysterious code.

Bibtex

 @misc{2012BFR969,
   editor = {Kaspersky lab},
   author = {Igor Soumenkov},
   title = {The mystery of Duqu framework solved},
   date = {20},
   month = Mar,
   year = {2012},
   howpublished = {\url{http://www.securelist.com/en/blog/677/The_mystery_of_Duqu_Framework_solved}},
 }