[telecom] Can YOU crack the Gauss uber-virus encryption?

Can YOU crack the Gauss uber-virus encryption?

Appeal for help to break open hidden scrambled payload

By John Leyden

14 August 2012 The Register

Antivirus experts have called on cryptographers and other clever bods for help after admitting they are no closer to figuring out the main purpose of the newly discovered Gauss supervirus.

While it's known that the complex malware features many information-stealing capabilities, with a specific focus on capturing website passwords, online banking account credentials and system configuration data from infected machines, the content of the virus's encrypted payload is still a mystery.

Kaspersky Lab had tracked Gauss for weeks before announcing its discovery last week. Antivirus experts at the security biz and elsewhere have been burning the midnight oil in the days since, and although progress has been made - for example in analysing its architecture [1], unique modules and communication methods - the payload encryption is unbroken.

Researchers reckon the hidden binary blob, when decrypted and executed, looks for a program specifically named using an extended character set, such as Arabic or Hebrew. What that program might be remains unclear as long as the encryption remains unbroken.

The general consensus among security experts is that Gauss - like Flame, Duqu and Stuxnet before it - is a nation-state sponsored cyber-espionage toolkit, quite possibly built from the same components as Flame.

...

Monty Solomon