MYSTERY programming language found in Duqu

Security researchers are appealing for help after discovering that part of the Duqu Trojan was written in an unknown programming language. Duqu is a sophisticated Trojan reckoned to have been created by the same group behind the infamous Stuxnet worm. While the finely tuned Stuxnet worm was designed to home in on specific …

COMMENTS

This topic is closed for new posts.


  1. Lars Silver badge
    Coat

    What a mystery

    "not written in C++ and it's not compiled with Microsoft's Visual C++ 2008".

    What a mystery there is something else too.

  2. Anonymous Coward
    Anonymous Coward

    Any of US have a clue?

    No ideas here.

    1. robertsgt40
      Pirate

      Re: Any of US have a clue?

      Yep. Mossad

    2. TRT Silver badge
      Holmes

      Re: Any of US have a clue?

      The letters are Elvish, but the language is that of Mordor...

    3. georgejmyersjr

      Re: Any of US have a clue?

      Lisping Rexx?

  3. Anonymous Coward
    Anonymous Coward

    It's written in Voynich

    Its existence till now has been a closely guarded secret. The only previous known use of the language was when Jeff Goldberg wrote a quick hack on his PowerBook and uploaded it to the alien mothership. From the little that's known, it supposedly combines the readability of Perl, the speed of JavaScript, and the intuitiveness of Haskell.

    1. 8-{>

      Re: It's written in Voynich

      Would that be Jeff Goldblum?

      1. TheRealRoland
        Happy

        Re: It's written in Voynich

        Or Whoopi Goldblum. Your guess is as good as mine... I liked her in Jurassic Park.

        1. Will Shaw

          Re: It's written in Voynich

          Except for the bit where she ate that lawyer. Terrifying. Just imagine the gastrointestinal problems you could cause by eating a lawyer.

  4. jai

    a misspelling perhaps?

    "Powerful you have become Duqu, the dark side I sense in you."

  5. pieeater3142
    Coat

    Obviously LOLCode

  6. Anonymous Coward
    Anonymous Coward

    It's O B V I O U S.

    It's written in Thetan.

    1. Elmer Phud Silver badge

      Re: It's O B V I O U S.

      Thetan eh?

      The manuals must cost a fortune - and in several volumes.

      It's all Clear(tm) to me now.

  7. The Jon
    Coat

    Intercal?

    1. mafoo
      Devil

      Bah

      you beat me to it! I take your intercal and I raise you Malbolge!

    2. Michael H.F. Wilkinson Silver badge
      Thumb Up

      Or Befunge

      A 2D programming language. Loops are real loops! Maybe there is a befunge++ out there

  8. Anonymous Coward
    Facepalm

    iron python would be my first stab guess

    ^ ^

    I

    V

  9. Ed 16

    Skynet rises!

  10. Pirate Dave
    Pirate

    maybe

    object-oriented assembler? Or, hmm, TurboPascal6? That would be cool.

    1. Spotfist

      Re: maybe

      TurboPascal6, classic!

      Even better would be if it was a ".bat" file lol!

      Echo on!

  11. banjomike
    Thumb Up

    Impressive work...

    both by Kaspersky AND the baddies.

    1. Miek
      Coat

      Re: Impressive work...

      Yeah, but Kaspersky apparently need help with their addition ....

      "The Kaspersky research team has gone some way in unravelling the mystery language used by the Duqu Framework, but still needs addition help."

      Should I get my coat or my pedant's hat? Hmmmm

  12. . 3

    Scheme

    Reminds me about the story of the supposedly biggest ever deployment of the scheme language was an interpreter some poor techie embedded into his employer's toolbar / adware / malware for the express purpose of detecting rival's malware and disabling it. There was such a constant state of flux between the different camps, a lightweight framework for distributing and executing the day's new rules gave them a huge advantage apparently.

    In modern terms though, object orientated and lightweight would suggest Lua. Perhaps the byte code is obfuscated.

    1. Destroy All Monsters Silver badge
      Trollface

      Re: Scheme

      Igor Soumenkov says it's not Lua.

      My money is on some kind of Lisp.

      After all: http://www.franz.com/success/customer_apps/animation_graphics/naughtydog.lhtml

      "With leading edge game systems like ours, you have to deal with complicated behaviors and real-time action. Languages like C are very poor with temporal constructs. C is just very awkward for a project like this. Lisp, on the other hand, is ideal."

      Lateral thoughts: Anyone remember Thierry Breton's "Softwar" Cyberthrilling Cyberpotboiler back from the 80's?

    2. scarshapedstar
      Coffee/keyboard

      Re: Scheme

      Scheme!

      (cons barf (cons puke (cons vomit)))

  13. maccy

    It's Java. Pretty much anything written in Java acts like a virus.

    1. Rob Crawford

      Can't be, cos viruses tend to do something

  14. Gordon Fecyk
    WTF?

    So AV firms forgot how to read x86 assembly?

    Like I'm going to trust these guys with protecting my x86 PC given this skill set.

    1. The Man Who Fell To Earth Silver badge
      Boffin

      Re: So AV firms forgot how to read x86 assembly?

      Probably Power BASIC. It has great network support and generates tighter binaries than anything except possibly assembly.

    2. Dr. Vesselin Bontchev
      Boffin

      Re: So AV firms forgot how to read x86 assembly?

      So, you have forgotten how to read English? "These guys" have no problem reading the x86 disassembly and understanding what the code DOES. What they are wondering is what language it was originally written in and compiled from. It definitely wasn't hand-written x86 assembly.

      From the looks of it, my guess would be one of the relatively less-widely used object-oriented languages. Maybe compiled Python or Forth... Compiled Perl might be worth looking at, although personally I think it's unlikely.

      1. Tchou

        Re: So AV firms forgot how to read x86 assembly?

        Python is written in C.

        It seems very unlikely that a skilled team of programmers relies on a high level programming language made by "average Joe" for a critical piece of code.

      2. ShelLuser

        @Vesselin

        If they knew what it does then why would the language matter?

        They only seem to know that the code section is used to communicate with the other servers when it has infected a machine. But it sounds to me as if they're not quite sure /how/ it makes it happen.

        1. Anonymous Coward
          Anonymous Coward

          Re: @Vesselin

          Presumably, the assembly signature is rather abnormal. What's wrong with being curious?

          Also, if this is a hand-rolled language created by the baddies, then spotting other malware created by them based on said signature would become a lot easier.

      3. Gordon Fecyk
        Mushroom

        The point?

        This sort of news does not inspire confidence in an already dubious anti-virus industry, that spends more money on market research than anti-virus research and has to call out to the masses: "Help us find out how this was written."

        What I would do with actual budget figures from a major AV firm. Even without that information, if they spent more money on AV research than market research, we'd have an off-the-shelf profile-based virus product that can catch this sort of thing before it's written, instead of boxes of the same-old after-the-fact garbage with pictures of Iron Man on the front.

      4. Tom 13
        Coat

        Obviously it was written in Forth.

        That way when it came time to implement the plan, all they had to do was type:

        Go Forth and Conquer!

  15. Mike Brown

    of course we can't read it

    it's written by an A.I. The net has become self aware, and is looking for ways to pwn us.

    1. TimeMaster T
      Go

      Re: of course we can't read it

      No, it's the Puppetmaster trying to build itself a body.

  16. Version 1.0 Silver badge

    Not FORTRAN or COBOL then?

    Realistically, given the likely provenance of these babies, if I was running the project then the first thing I'd do would be write a language specifically for them ... after all, if it's a government project then money isn't going to be a big issue. And a virus^H^H^H^H^H payload specific language would offer significant advantages.

    1. Destroy All Monsters Silver badge

      Re: Not FORTRAN or COBOL then?

      > a payload specific language would offer significant advantages.

      But which ones? Why not use libraries + some macro language that you can just pass through ANTLR?

  17. Anonymous Coward
    Anonymous Coward

    It's probably C++

    But written to be parsed right to left ...

    1. MonkeyBot

      Re: It's probably C++

      If it's parsed right to left, does that make it C-- or ++C?

  18. Black Plague
    WTF?

    Remember the rumors that Stuxnet was written by the US military, CIA, etc.?

    Knowing what I know about the history of US Dept of Defense computing, my bet is that it's written in Ada!

    1. Acme Fixer

      Re: Remember the rumors that Stuxnet was written by the US military, CIA, etc.?

      From what little I remember about Ada when I took the class, was that it was not a compiler, not an interpreter, but a translator, which spit out FORTRAN on the IBM 4361. What a joke. One Ada run took 8 minutes to complete and if more than one was running, it was more like 20 minutes.

      I was going to speculate before I read the article. Then I thought, if it's really that obscure, those spooks just want to know if anyone has knowledge about it, so they can interrogate^H^H^H^H^H^H^H^H^H^H question the person about whether or not they had anything to do with writing the actual code (!)

      1. Destroy All Monsters Silver badge
        Childcatcher

        Re: Remember the rumors that Stuxnet was written by the US military, CIA, etc.?

        When was that class you took? Late 80's?

        I'm sure there are pretty good Ada Compilers around now.

        1. bazza Silver badge

          Re: Remember the rumors that Stuxnet was written by the US military, CIA, etc.?

          @Destroy All Monsters: Yes there are! Once ADA runtimes emerged that actually used O/S facilities like threads instead of re-creating those things for themselves, ADA got a *lot* better. From what I vaguely remember, Greenhills ADA on VxWorks was pretty decent indeed.

          I can remember the problems that a bunch of colleagues had in the very early '90s with ADA (on Vax I think). The application they'd written was too large for any of the ADA runtimes of the day to actually run. I never found out if they ever got it going...

      2. h4rm0ny

        Re: Remember the rumors that Stuxnet was written by the US military, CIA, etc.?

        I think you must be going back a long way. I don't know if early Ada was ever implemented as a translator to Fortran, but I'm pretty certain by Ada 95 (when I was learning it), it had its own compiler that did not go via Fortran. I think performance between Ada 95 and Fortran was comparable. In any case, the reason you used Ada wasn't for speed but because its safety features meant your code was "provably" correct. (Just don't mention the Ariane 5 explosion).

        I seriously doubt anyone has written the core of a virus in Ada. Though I would be amused to be proved wrong.

        1. Ralph B
          Big Brother

          > I seriously doubt anyone has written the core of a virus in Ada.

          Well, you would say that, wouldn't you?

  19. Desperate Olive
    Holmes

    Easy

    Brainfuck translated to INTERCAL and then to C++

  20. WhoAmI?
    Devil

    What about...

    MUMPS? That's pretty damn unreadable

    1. Gio Ciampa

      Re: What about...

      Back in the DSM-11 days, maybe... but that was oh so long ago... you'd hardly recognise it now


Biting the hand that feeds IT © 1998–2019