Duqu espionage malware authored by “old-school” developers

A sophisticated piece of espionage malware with ties to the Stuxnet worm used to disrupt Iran’s nuclear program was probably authored by an experienced team of “old school” professional developers, researchers from antivirus provider Kaspersky said.

They drew that conclusion after seeking the help of researchers and software developers around the world in identifying the programming language used to develop one part of the Duqu malware. Systems infected with Duqu used the mystery module to receive instructions from command-and-control servers. The module didn’t rely on C++ as most of the other Duqu modules did, and the Kaspersky researchers were also able to rule out the use of Objective-C, Java, Python, Ada, Lua and several other languages.

In the weeks following the request for help, the Kaspersky researchers received more than 200 blog comments and more than 60 e-mails that helped fill in the blanks. Among them were comments included in this post on Reddit by someone identified as Igo