
Monday 19 March 2012

Kaspersky Lab reveals complexity of OO C coded Duqu

Kaspersky Lab has revealed that the Duqu malware was built from source code written in object-oriented C (OO C), specially written by skilled professionals.

It said that a previously unknown code block, located inside the part of the malicious program's Payload DLL that is responsible for interacting with the command and control (C&C) servers after infection, contains C source code compiled with Microsoft Visual Studio 2008 using special options for optimising code size and in-line expansion.

It said that the code was also written with a custom extension that combines object-oriented programming with plain C, commonly known as 'OO C'.
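To make the term concrete, here is a generic illustration of what "object-oriented C" looks like in practice: objects are plain structs whose first field points to a shared table of function pointers (the "class"), with constructor and destructor routines and method calls dispatched indirectly through that table. This is example code added for this page, not Duqu's code and not Kaspersky's; the two classes, their method names and the sample inputs are constructed for the illustration.

```c
/* Added illustration of the OO C pattern: structs plus function-pointer
   tables. Not Duqu code; the classes and inputs below are constructed. */
#include <stdio.h>
#include <stdlib.h>

/* A "class" is a table of function pointers shared by all its instances. */
struct object;
struct vtable {
    const char *name;
    int  (*run)(struct object *self, int input);   /* "virtual" method */
    void (*destroy)(struct object *self);          /* destructor */
};

/* Every instance begins with a pointer to its class table, followed by
   instance data, so code that only knows the base layout can still dispatch. */
struct object {
    const struct vtable *vt;
    int state;
};

/* Concrete class 1 (hypothetical): an accumulator that sums its inputs. */
static int acc_run(struct object *self, int input) {
    self->state += input;
    return self->state;
}

/* Shared destructor: both classes allocate the same way. */
static void obj_destroy(struct object *self) { free(self); }

static const struct vtable accumulator_class = { "accumulator", acc_run, obj_destroy };

/* Concrete class 2 (hypothetical): a simple multiply-and-xor mixer. */
static int mix_run(struct object *self, int input) {
    self->state = (self->state * 31) ^ input;
    return self->state;
}

static const struct vtable mixer_class = { "mixer", mix_run, obj_destroy };

/* Constructor: allocate the instance and bind it to its class table. */
struct object *object_new(const struct vtable *vt, int initial) {
    struct object *o = malloc(sizeof *o);
    if (!o) return NULL;
    o->vt = vt;
    o->state = initial;
    return o;
}

/* Generic dispatch: the caller never learns which concrete class it holds.
   In a disassembler this appears as an indirect call through a table,
   which is one reason such code is harder to attribute to a known compiler
   or framework than a direct call would be. */
int object_run(struct object *o, int input) { return o->vt->run(o, input); }
void object_delete(struct object *o) { if (o) o->vt->destroy(o); }

/* Drive one object of the given class through a sequence of inputs and
   return its final state; returns -1 if allocation fails. */
int run_sequence(const struct vtable *cls, int initial, const int *inputs, size_t n) {
    struct object *o = object_new(cls, initial);
    int result = 0;
    if (!o) return -1;
    for (size_t i = 0; i < n; i++)
        result = object_run(o, inputs[i]);
    object_delete(o);
    return result;
}

int main(void) {
    const int inputs[] = { 1, 2, 3 };  /* constructed sample input */
    printf("%s -> %d\n", accumulator_class.name,
           run_sequence(&accumulator_class, 0, inputs, 3));
    printf("%s -> %d\n", mixer_class.name,
           run_sequence(&mixer_class, 0, inputs, 3));
    return 0;
}
```

The point of the pattern is that the same `run_sequence` loop works for any class without knowing its type, exactly the kind of structure that gives a C binary an object-oriented shape once compiled.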

Having called on the security industry for assistance, Vitaly Kamluk, chief malware expert at Kaspersky Lab, said that using this code made the malware more portable, efficient and lightweight, and that analysing the code would help determine who the attacker(s) are and learn their habits, allowing a more robust guess at who was behind it.

He said: "It is usual for software developers to make use of simple tools to create code that is easier and faster and makes life simpler. With Duqu it is the opposite: professional developers created their own framework, so a software architect introduced this module."

He also said that this code/framework was used for the first time in this instance, or it would have been recognised. "OO C is a typical development approach for Mac OS; this is a reimplementation of it for Windows, but there may be some malware for Mac OS that is implemented in OO C," he said.

Kamluk said that this was 'civil code' that looks like the normal style for coding enterprise-style applications, and that while it could have been developed by an ordinary cybercriminal, behind it was more likely a large organisation that can afford special skills in its development team.

He suspected that it was built by people with special skills, by a development team of 20 to 30 people, possibly spanning different organisations. He also said that the analysis found no clear geographical indicators.

"Compared to standard malware, it will probably take at least three to five times longer to create. Traditional malware can be created by a student; this was done by a certified professional," he said.


