NOTA BENE

Notes, comment and buzz from Eugene Kaspersky – Official Blog

April 1, 2013

New viruses from Chelyabinsk so advanced they blow the mind.

Every day our valiant antivirus lab processes hundreds of thousands of files. Each single day! Admittedly, some of them turn out to be clean and honest files, or just broken code, innocent scripts, assorted scraps of data, etc., etc., etc., but mostly it’s maliciousness – a lot of which is analyzed and processed automatically (as I’ve already mentioned on these cyberpages).

But every now and again we come across some reeeaaal unusual items – something totally new and unexpected. Something that activates the little grey cells, makes the heart beat faster, and gets the adrenaline pumping. I mean things like Stuxnet, Flame, Gauss and Red October.

Anyway, it looks like we’ve found something else in this original-oddity category…

Yes, we’ve detected another malware-monster – a worm originating from the cyberstreets of the Russian Internet. What we were able to say straight off was that it surpasses in sophistication by a long way not only all known malicious programs today – including professional cyberspies and cyberweapons – but also any other known software – judging by the logic of the algorithms and the finesse of their coding.

Yes folks, this is big!

We’ve never come across such a level of complexity and perplexity of machine code with program logic like this. Analyzing the most complicated worms and Trojans normally takes several weeks – whereas this baby looked like it’d take years! Maybe several years!!! It’s just so darn elaborate and convoluted.

I don’t know a single software company that would have been able to develop such a beast. Nor any cybercriminals with their mostly primitive malware. Nor any of the secret services assumed to be behind the more artful malware that’s appeared in recent years. No. This new find simply cannot be the work of any of those three.

So… Are you sitting down? No? Change that.

I’d say it’s theoretically impossible to say that this code was written by a human being (glad to be seated now?).

This code is so infernally intricate that I fear this newly-discovered worm must have extraterrestrial origins.

Hohoho

But wait – there’s more. It gets more out-of-this-world mind-blowing!…

We received the first samples of this new computer virus at the end of February from the Chelyabinsk region, and also from the scientific research institutes investigating the fragments of the celebrated Chelyabinsk meteorite. A coincidence? I don’t think so. Incidentally, the geographical origin gave the worm its working title – “Chelyabinsk”.

But there’s yet more Earth-shattering sensation!…

Most of the infections were detected on computers of scientists of the Russian Academy of Sciences returning from their field investigations into the meteor in Chelyabinsk!!

After we’d calmed down a bit, we started dialogue with these bearded experts in white coats, who turned out to be very open and friendly with us. And boom! Our excited ramblings about a meteorite connection with the onset of unprecedented computer maliciousness didn’t surprise them one bit! In fact, a computer infection from the cosmos would confirm several of their speculations…

Now, normally, these bespectacled white-coats would come on strong with the academic assumptions and hypotheses characteristic of scientific circles. They can blow up the few pixels confirming their latest theories into events of mammoth proportions, while at the same time, if something doesn’t tie up with those theories, are often quick to conveniently bin certain facts. I mean, just look what happened when scientists were told that the Earth is flat!…

Ok, ok, I digress a little, but what I’m trying to say here is that these oh-so respected scientists can have a tendency to be – if I may be frank – deluded. But this time, in this case, I’d say there’s not a smidgen of delusion. Or fact-binning. Or over-postulation. Judge for yourself: here’s what they told us:

  1. There exists a hypothesis about a cosmic origin of life on Earth; that proto-bacteria were put onto the prehistoric barren Earth via interstellar objects like meteorites and asteroids. The scientists think that the incident with the Chelyabinsk malware only confirms this intergalactic theory of the world’s origin. They say it’s an example of “spontaneous cosmic trans-planetary permutation” – not only of primitive forms of biological life, but also of computer worms. What’s more, they say this in complete seriousness.
  2. Some other beards put it this way (I quote): “All known computer malware was created by human beings. But what we’ve got here is a new form of digital essence: Alien computer life infiltrating Earth – specifically, its Internet – via meteoroids, which clearly represents a momentous historic event. Without doubt, it confirms the theory of the initial duality of biological life on Earth – one part of which came about of its own accord, the other part – implanted from without, from space. Thus, we can deduce that today on Earth there simultaneously exist, not two, but three parallel forms of bio-life: terrestrial, extraterrestrial, and also hybrid.”

And so the story unfolds… So what are we to do?

Good question. After all, today’s antivirus industry is used to and geared up for mundane terrestrial computer attacks, whereas here – it’s a direct challenge from the solar system – or beyond! All the same, it goes without saying that sooner or later my woodpeckers will be able to crack this alien code, and soon after that the first trial vaccines will be released for testing by KL fan club and forum members. But something tells me there are other possible sources of threats… from regions practically unknown to man. I mean the underwater and underground worlds. I can just feel it…

So we’ve decided to dig/dive and wood-peck there too. But that’s one for the future. For now, the simplest way to have a look under the hood of the planet is to check volcanic emissions. So, logically, I’m off now to Kamchatka. Where else?!

We’ve organized an expedition to the Tolbachik volcano, which is currently violently erupting tons of lava. I’m off to find computer maliciousness at the very hottest point of the world’s surface. I’ll let you know the results as soon as they’re in…

Bye for now folks, and see y’all tout suite :).

comments 11

SlingTrebuchet

I think you are right!

The “EB” highlighted in the code above can only be the signature of an Extraterrestrial Being.

……… Well, if it’s not the Easter Bunny.
If it is the Bunny, then you might find Kamchatka spewing molten chocolate. Which.. let’s face it, could be fun.
Think positive!

Larry Constantine (Lior Samson)

Nice to hear hints of an advanced civilization–that writes malware! Good timing, too.

Tim Moran (@timothymoran)

April Fools!

Nicolas Brulez

EB is the opcode of the short unconditional jump in Intel assembly

Bruno Caldeireiro

April 1?

AlexSmirnov

Aha! At long last we are giving due where it is due and taking serious things seriously!

Thank you, Kaspersky Lab and personally to Eugene Kaspersky, for the heads up on what’s really happening behind the scenes and especially for keeping us, mere mortals, the public, in the loop. Not a small thing for a Russian (read, ex-Soviet) fella to come forward, and reveal such things publicly.

I wish you all the best with your Kamchatka expedition and one of my choppers with a very experienced pilot (who, by the way, also took part in the Chelyabinsk meteorite investigation and whose computer (surprise, surprise) has indeed been infected by the referenced virus), is under way.

Go and get them, tiger!

Yours truly,

Alex Smirnov

Juan Fernando Mora

In the internet written by Eugene Kaspersky himself, this is real folks U_u

Roland

You write good fiction Eugene. Particularly for April Fool’s day.

Bev Robb (@teksquisite)

Huh! This sounds overwhelming = I’ll loan you some of my Imperial Woodpeckers to peck out a faster timeline :)

KASPERSKYFANATIC

It is a good April fool :) I love you MR KASPERSKY :)

Mike Crews

LOL,
