Researchers Seek Help Cracking Gauss Mystery Payload
An anonymous reader writes "Researchers at Kaspersky Lab are asking the public for help in cracking an encrypted warhead that gets delivered to infected machines by the recently discovered Gauss malware toolkit. They're publishing encrypted sections and hashes in the hope that cryptographers will be able to help them out."
Adds reader DavidGilbert99: "The so-called Godel module is targeting a specific machine with specific system configurations, and Kaspersky believes the victim is likely a high-profile target. The decryption key, Kaspersky believes, will be derived from these specific system configurations, and so far it has been unable to find out what they are."
Re:Cracking might be impossible (Score:2, Insightful)
Pfft. You actually believed that story about the iPhone?
Warhead? (Score:5, Insightful)
Re:From the Article (Score:5, Insightful)
Re:Warhead? (Score:5, Insightful)
Re:Geez, just ask the NSA (Score:2, Insightful)
Do you seriously believe the NSA would give a flying fig about the GPL?
I'm quite sure they could cite any number of "national security" reasons and tell you to go screw off.
That, of course, presumes you'd get any response other than "no comment" on your inquiries.
Seriously, playing "what if" about how to force the NSA to disclose code under the GPL is kind of a pointless exercise. You'd be stonewalled to the point of being ignored.
Re:can someone please explain (Score:3, Insightful)
Re:Why ask cryptographers when the key is in there (Score:5, Insightful)
Not to mention that reverse engineering isn't something most people think about or specialize in.
Nope, not something people think about... not so much. Except Kaspersky. Yeah, Kaspersky labs - that's pretty much what they think about and specialize in. Reverse engineering malware and viruses, that is. That's pretty much exactly what their core expertise involves. So maybe suggesting that they use reverse engineering is a little silly. Particularly when the accompanying article states that they reverse engineered the program and gives details as to exactly what it is doing based on this reverse engineering.
Let's see, who are we talking about anyway? Hmm... Eugene Kaspersky [kaspersky.com] is the top guy over there. It seems he was involved with building AVP back in the early 90's before founding Kaspersky labs in the late 90's. He also "graduated from the Institute of Cryptography, Telecommunications and Computer Science, where he studied mathematics, cryptography and computer technology, majoring in mathematical engineering." - so he's got the training. Yup, I'd say advising this guy that executing the code in a virtualized environment might solve his problem just might be enough to make you look a tiny bit ridiculous.
Re:Really? (Score:3, Insightful)