Duqu written using old-school object-oriented C
When Kaspersky Labs analysed the Duqu Trojan early last month, they were stumped by a block of code that appeared to be written in a previously unseen programming language. It now seems that the language was not new, but rather an old one: a custom object-oriented C framework, compiled with MSVC 2008 using options that minimise code size and restrict inline expansion to functions explicitly marked inline.
The choice of programming language suggests that at least some Duqu developers started programming at a time when Assembler was the language of choice and then moved on to C++. Duqu, a remote access Trojan created to steal data from industrial control systems, was discovered last November by the Laboratory of Cryptography and Systems Security in Budapest. The malware attracted considerable attention because of its similarities to Stuxnet, which disrupted operations at Iran's Natanz nuclear facility in 2010.
Many researchers have speculated that the two pieces of malware may have been written by the same authors, though with slightly different goals in mind: Stuxnet was designed to physically damage industrial control equipment, while Duqu was designed mostly to steal data in order to attack systems later.