New Trojan Virus Contains Uncrackable Encryption

Security researchers at Kaspersky Lab are looking to the cryptography community for help in deciphering the Gauss trojan. Despite their best efforts, the researchers have so far been unable to crack an encrypted payload in the trojan’s “Godel” module; they hope that members of the cryptology and mathematics communities will be able to extract the hidden payload.

The Gauss trojan spreads via USB drives and infects systems using the well-known LNK exploit. These infected drives include two files – “System32.dat” and “System32.bin” – which are 32- and 64-bit versions of the same code which includes several encrypted sections. Once executed, the trojan first gathers information about the victim’s system including running processes, drives and network shares, and save them to another file on the drive named “.thumbs.db”, after which other modules are launched. [More…]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s