[Zak]

It uses an encryption code so sophisticated that only a very few people could have deployed it.

I have a hard time believing that. Sophisticated and effective encryption techniques are well-documented. There are thousands of bored teenagers who could write malware that uses sophisticated encryption. Successfully spreading over the whole Internet while being unobtrusive enough to not be noticed by most victims is, perhaps more impressive.

[Locke1689]

It's layman writing. The worm uses RSA and RC4. SHA1 or MD6 as a hash. Designing these would obviously take a very skilled cryptographer (actually many, many cryptographers). Implementing it just requires a smart programmer who knows a decent amount about cryptography.

[edmccaffrey]

And deploying it only requires someone who can import a library and follow instructions.

[Locke1689]

Eh, not really. If you were talking about a fully defined cryptographic protocol like SSL I would say you were right, but if you're talking about actual cryptographic implementation I would say that it requires a little more knowledge.

See tptacek's post about "Typing the letter's A-E-S'" into your code and cperciva's many post about improper use of secure cryptography.