Kaspersky's Alexander Gostev has some interesting findings on Duqu,
including a connection with Showtime TV's serial killer, Dexter Morgan.
Gostev wrote a pretty extensive analysis of Duqu
on Friday. Duqu's makers have apparently been working on this malware
since 2007 and have affection for fictional TV serial killer Dexter.
The shellcode of the exploit was contained in an embedded font
processed by the win32k.sys system. The font was called Dexter Regular,
and its creators were shown as Showtime Inc.
This is another prank pulled by the Duqu authors, since Showtime Inc.
is the cable broadcasting company behind the TV series Dexter, about a
CSI doctor who happens also to be a serial killer who avenges criminals
in some post-modern perversion of Charles Bronson’s character in Death