Duqu meets Dexter
CSO, By: Bill Brenner
Kaspersky's Alexander Gostev has some interesting findings on Duqu, including a connection with Showtime TV's serial killer, Dexter Morgan.
Gostev wrote a pretty extensive analysis of Duqu on Friday. Duqu's makers have apparently been working on this malware since 2007 and have affection for fictional TV serial killer Dexter.
The shellcode of the exploit was contained in an embedded font processed by the win32k.sys system. The font was called Dexter Regular, and its creators were shown as Showtime Inc.
This is another prank pulled by the Duqu authors, since Showtime Inc. is the cable broadcasting company behind the TV series Dexter, about a CSI doctor who happens also to be a serial killer who avenges criminals in some post-modern perversion of Charles Bronson’s character in Death Wish...