Kaspersky Lab released research into Duqu (a supposed Stuxnet variant) at CanSecWest. Its claim is that a part of Duqu was written in a programming language not seen before -- or, as Kaspersky says, one that it at least can't identify. On Wednesday, it asked for help with this mystery.
While interesting technologically, what could it be used for? Reliability? Task-specific needs? And interesting operationally: Who would want to learn to code in yet another language? Is this to avoid detection by changing things up for the antiviruses?
If you work to weaponize a Trojan horse, then the possibilities of what this could be used for are endless.
The important aspect of this is that Kaspersky presents a mystery, makes it a geek puzzle that techies love, and engages with the community.
"Compiled in a programming language we haven't seen before," according to Kaspersky researchers.
The comments section in its short research blog on the subject is going crazy with guesses. The community is fully engaged over this relatively small detail -- and Kaspersky is seen as a leader in innovation and bleeding-edge threat detection "from the trenches."
Kaspersky does the research, which is interesting and done well. It releases it to the press. It engages with the community. And it makes it engaging.
The release has the "from the trenches" feel, which is important. Most techies crave the feeling of being involved; the chasm between the bits and bytes and any actual "action" is quite impressive. This gives them an option to be on the front lines, and they would be.
Further, Kaspersky offers to share bits of code, which makes it benevolent and gives people the potential for much more involvement and engagement, as they will look at things themselves, all under the guidance of Kaspersky.
Some side effects: