Encrypted code in Gauss (credit: Kaspersky)
There are many remaining mysteries in the Gauss and Flame stories, say antivirus experts Kaspersky in their Secure List blog.
For instance, how do people get infected with the malware? Or, what is the purpose of the uniquely named “Palida Narrow” font that Gauss installs?
Perhaps the most interesting mystery is Gauss’ encrypted warhead. Gauss contains a module named “Godel” that features an encrypted payload. The malware tries to decrypt this payload using several strings from the system and, upon success, executes it.
Godel is best know for his incompleteness theorems.
Despite Kaspersky’s best efforts, they were unable to break the encryption. So they are presenting all the available information about the payload in the hope that someone can find a solution and unlock its secrets. They are asking anyone interested in cryptology and mathematics to join us in solving the mystery and extracting the hidden payload.
Secure List has more info.
https://www.securelist.com/en/blog/208193781/The_Mystery_of_the_Encrypted_Gauss_Payload
If you are a world class cryptographer or you can help decrypt them, contact This e-mail address is being protected from spambots. You need JavaScript enabled to view it .
Curiously, “Godel” is the answer to a mystery also related to a runaway attack in the movie The Singlarity Is Near. — Ed.
http://www.kurzweilai.net/can-you-solve-the-mystery-of-the-encrypted-gauss-payload?utm_source=KurzweilAI+Daily+Newsletter&utm_campaign=74ff2dc417-UA-946742-1&utm_medium=email
