Duqu Authors Sprinkle Humor in Dangerous Code
11 Nov 2011
PC World, By: Jeremy Kirk (IDG)
For all of the concern around Duqu, the most discussed piece of malicious software since Stuxnet, the latest analysis of its code shows its writers have a sense of humor.
Wrapped in the code used to infect computers is an "Easter egg," or a hidden message. Easter eggs have long been inserted in computer code, often seen only by those who enjoy browsing computer code.
Duqu's exploit, the code used to take advantage of a software vulnerability, contained the line: "Copyright (c) 2003 Showtime Inc. All rights reserved. DexterRegularDexter."
The reference to the television show "Dexter" is meant as a joke. The shellcode of the exploit is contained in an embedded font called "DexterRegularDexter," which is processed by Windows' Win32k TrueType font parsing engine, wrote Aleks Gostev, a senior analyst with the Global Research and Analysis Team for Kaspersky Lab.