Duqu is one of the most intricate, mysterious viruses to be released in several years, matched only in complexity by its predecessor, Stuxnet, but there’s apparently a lighter side to the virus hidden away in the code.
When digging about the source code of an earlier version for clues on how Duqu works and who made it, Moscow-based Kaspersky Lab discovered an “easter egg” of sorts: a reference to Showtime’s hit television show Dexter.
One of the lines of code, referencing a fake font that is utilized in the attack, reads:
“Copyright 2003 Showtime Inc. All rights reserved. Dexter Regular version 1.00. Dexter is a registered trademark of Showtime Inc.”
That the creators have a sense of humor (and a love for Dexter) wasn’t the only thing Kapersky Lab learned about Duqu in their digging, however. When investigating an earlier variant of the virus, researchers discovered a driver signed in 2007, suggesting that development on Duqu could have begun as early as four years ago.
“We can’t be 100% sure [of that date], but all the compiled dates of other files seem to match to attacks,” said Roel Schouwenberg, a senior researcher with Kaspersky, in an interview today (via Computer World). “So we’re leaning towards that date as correct.”
Microsoft has yet to release a patch, but in the interim they’ve offered a temporary fix for the vulnerability. You can find out more about that at this link.