NOTA BENE

Notes, comment and buzz from Eugene Kaspersky – Official Blog

April 1, 2013

New viruses from Chelyabinsk so advanced they blow the mind.

Every day our valiant antivirus lab processes hundreds of thousands of files. Each single day! Admittedly, some of them turn out to be clean and honest files, or just broken code, innocent scripts, assorted scraps of data, etc., etc., etc., but mostly it’s maliciousness – a lot of which is analyzed and processed automatically (as I’ve already mentioned on these cyberpages).

But every now and again we come across some reeeaaal unusual items – something totally new and unexpected. Something that activates the little grey cells, makes the heart beat faster, and gets the adrenaline pumping. I mean things like Stuxnet, Flame, Gauss and Red October.

Anyway, it looks like we’ve found something else in this original-oddity category…

Yes, we’ve detected another malware-monster – a worm originating from the cyberstreets of the Russian Internet. What we were able to say straight off was that it surpasses in sophistication by a long way not only all known malicious programs today – including professional cyberspies and cyberweapons – but also any other known software – judging by the logic of the algorithms and the finesse of their coding.

Yes folks, this is big!

We’ve never come across such a level of complexity and perplexity of machine code with program logic like this. Analyzing the most complicated worms and Trojans normally takes several weeks – whereas this baby looked like it’d take years! Maybe several years!!! It’s just so darn elaborate and convoluted.

I don’t know a single software company that would have been able to develop such a beast. Nor any cybercriminals with their mostly primitive malware. Nor any of the secret services assumed to be behind the more artful malware that’s appeared in recent years. No. This new find simply cannot be the work of any of those three.

So… Are you sitting down? No? Change that.

I’d say it’s theoretically impossible to say that this code was written by a human being (glad to be seated now?).

This code is so infernally intricate that I fear this newly-discovered worm must have extraterrestrial origins.

Hohoho

But wait – there’s more. It gets more out-of-this-world mind-blowing!…

We received the first samples of this new computer virus at the end of February from the Chelyabinsk region, and also from the scientific research institutes investigating the fragments of the celebrated Chelyabinsk meteorite. A coincidence? I don’t think so. Incidentally, the geographical origin gave the worm its working title – “Chelyabinsk”.

But there’s yet more Earth-shattering sensation!…

Most of the infections were detected on computers of scientists of the Russian Academy of Sciences returning from their field investigations into the meteor in Chelyabinsk!!

After we’d calmed down a bit, we started dialogue with these bearded experts in white coats, who turned out to be very open and friendly with us. And boom! Our excited ramblings about a meteorite connection with the onset of unprecedented computer maliciousness didn’t surprise them one bit! In fact, a computer infection from the cosmos would confirm several of their speculations…

Now, normally, these bespectacled white-coats would come on strong with the academic assumptions and hypotheses characteristic of scientific circles. They can blow up the few pixels confirming their latest theories into events of mammoth proportions, while at the same time, if something doesn’t tie up with those theories, are often quick to conveniently bin certain facts. I mean, just look what happened when scientists were told that the Earth is flat!…

Ok, ok, I digress a little, but what I’m trying to say here is that these oh-so respected scientists can have a tendency to be – if I may be frank – deluded. But this time, in this case, I’d say there’s not a smidgen of delusion. Or fact-binning. Or over-postulation. Judge for yourself: here’s what they told us:

  1. There exists a hypothesis about a cosmic origin of life on Earth; that proto-bacteria were put onto the prehistoric barren Earth via interstellar objects like meteorites and asteroids. The scientists think that the incident with the Chelyabinsk malware only confirms this intergalactic theory of the world’s origin. They say it’s an example of “spontaneous cosmic trans-planetary permutation” – not only of primitive forms of biological life, but also of computer worms. What’s more, they say this in complete seriousness.
  2. Some other beards put it this way (I quote): “All known computer malware was created by human beings. But what we’ve got here is a new form of digital essence: Alien computer life infiltrating Earth – specifically, its Internet – via meteoroids, which clearly represents a momentous historic event. Without doubt, it confirms the theory of the initial duality of biological life on Earth – one part of which came about of its own accord, the other part – implanted from without, from space. Thus, we can deduce that today on Earth there simultaneously exist, not two, but three parallel forms of bio-life: terrestrial, extraterrestrial, and also hybrid.”

And so the story unfolds… So what are we to do?

Good question. After all, today’s antivirus industry is used to and geared up for mundane terrestrial computer attacks, whereas here – it’s a direct challenge from the solar system – or beyond! All the same, it goes without saying that sooner or later my woodpeckers will be able to crack this alien code, and soon after that the first trial vaccines will be released for testing by KL fan club and forum members. But something tells me there are other possible sources of threats… from regions practically unknown to man. I mean the underwater and underground worlds. I can just feel it…

So we’ve decided to dig/dive and wood-peck there too. But that’s one for the future. For now, the simplest way to have a look under the hood of the planet is to check volcanic emissions. So, logically, I’m off now to Kamchatka. Where else?!

We’ve organized an expedition to the Tolbachik volcano, which is currently violently erupting tons of lava. I’m off to find computer maliciousness at the very hottest point of the world’s surface. I’ll let you know the results as soon as they’re in…

Bye for now folks, and see y’all tout suite :).

comments 11 Leave a note

SlingTrebuchet

I think you are right!

The “EB” highlighted in the code above can only be the signature of an Extraterrestial Being.

……… Well, if it’s not the Easter Bunny.
If it is the Bunny, then you might find Kamchatka spewing molten chocolate. Which.. let’s face it, could be fun.
Think positive!

0
Reply to conversation

Larry Constantine (Lior Samson)

Nice to hear hints of an advanced civilization–that writes malware! Good timing, too.

0
Reply to conversation

Tim Moran (@timothymoran)

April Fools!

0
Reply to conversation

Nicolas Brulez

EB is the opcode of short uncondional jump in intel assembly

0
Reply to conversation

Bruno Caldeireiro

April 1?

0
Reply to conversation

AlexSmirnov

Aha! At long last we are giving due to where it is due and taking serious things seriously!

Thank you, Kaspersky Lab and personally to Eugene Kaspersky, for heads up on what’s really happening behind the scene and especially for keeping us, mere mortals, the public, in the loop. Not a small thing for a Russian (read, ex soviet) fella to come forward, and reveal such things publicly.

I wish you all the best with your Kamchatka expedition and one of my choppers with very experienced pilot (who’s by the way also took part in Chelyabinsk meteorite investigation and who’s computer (surprise, surprise) has been indeed infected by the referenced virus), is under way.

Go and get them, tiger!

Yours truly,

Alex Smirnov

0
Reply to conversation

Juan Fernando Mora

In the internet written by Eugene Kaspersky himself, this is real folks U_u

0
Reply to conversation

Roland

You write good fiction Eugene. Particularly for April Fool’s day.

0
Reply to conversation

Bev Robb (@teksquisite)

Huh! This sounds overwhelming = I’ll loan you some of my Imperial Woodpeckers to peck out a faster timeline :)

0
Reply to conversation

KASPERSKYFANATIC

it is a good april fool :) ı love you MR KASPERSKY :)

0
Reply to conversation

Mike Crews

LOL,

0
Reply to conversation
Leave a note
July 31, 2015

Icelandic Waterfallism.

Iceland‘s a very wet country in the cool time of year, and very snowy in winter. (There isn’t a warm season here to speak of – unless you submerge yourself in hot springs for three months.) So, in terms of H2O here – there’s plenty. And since there are a great many volcanoes in the […]

July 29, 2015

Icelandic tectonic.

Everyone’s got a basic idea of how this planet of ours is constructed, even primary school kids. It goes something like this: in the middle of the planet is the core – the nucleus; then there’s the mantle, and on the outside there’s the hard crust, upon which you’re reading this blog. But the earth’s […]

July 28, 2015

Iceland: Niceland.

I’d long dreamed of one day getting to the very volcanic island of Iceland for a spot of sightseeing, trekking and leisurely driving. I’d heard great things from friends and colleagues, seen some awesome pics of the scenery there, and heard some of the island’s music, but only recently did I finally find myself spending […]

July 24, 2015

Your car controlled remotely by hackers: it’s arrived.

Every now and again (once every several years or so), a high-profile unpleasantness occurs in the cyberworld – some unexpected new maliciousness that fairly bowls the world over. For most ‘civilians’ it’s just the latest in a constant stream of seemingly inevitable troublesome cyber-surprises. As for my colleagues and me, we normally nod, wink, grimace, […]

July 23, 2015

The tiniest biggest country in the world.

Hi folks! This here post is the last in my mini-series from St. Petersburg. It continues the ‘places to visit‘ theme, but with a difference; for the place it describes resembles a museum, but it isn’t a museum really, I think. Or maybe it is. It claims to be one… Hmmm, whatever it is, it’s […]

July 21, 2015

Railroad feats in St. Pete.

There are different kinds of museums. There are real museums (in the classic understanding of the word), there are expositions, exhibitions, installations… What other words are there for describing such events? Graffiti! Btw, good quality graffiti done in good taste – is it an exposition or installation or hooliganism? The latter I cross out since […]

More