A security researcher demonstrated how he was able to inject his own proof-of-concept malware into the Duqu dropper exploit. He also reconfigured “mini-Flame” to create his own command-and-control servers. The Flame authors may have purposely limited the scope of their malware to avoid them being abused by other attackers, he says. The code was relatively limited, possibly on purpose, possibly because Flame’s Windows installer files are signed. The attack only works in a local subnet, not across the Internet.”]
Source: https://www.darkreading.com/attacks-breaches/a-flame-duqu-test-drive