Researchers Seek Help Cracking Gauss Mystery Payload
By: Kim Zetter, WIRED
Researchers at Kaspersky Lab in Russia are asking the public for help
in cracking an encrypted warhead that gets delivered to infected
machines by the Gauss malware toolkit.
The warhead gets decrypted by the malware using a key composed of
configuration data from the system it’s targeting. But without knowing
what systems it’s targeting or the configuration on that system, the
researchers have been unable to reproduce the key to crack the
“We are asking anyone interested in cryptology, numerology and
mathematics to join us in solving the mystery and extracting the hidden
payload,” the researchers write in a blog post published Tuesday.
The payload is delivered to machines via an infected USB stick that
uses the .lnk exploit to execute the malicious activity. In addition to
the encrypted payload, infected USB sticks deliver two other files that
also contain encrypted sections that Kaspersky has been unable to crack.