Hashcat's GPU-accelerated Gauss encryption cracker

GReAT
Kaspersky Lab Expert
Posted December 28, 10:45 GMT
Tags: AMD, Linux, Gauss

0.6

2012 was a year full of major security incidents: Flame, Shamoon, Flashback, Wiper, Gauss, and so on. As we are about to turn the page, many unsolved mysteries remain still. Perhaps the most interesting unsolved mysteries are related to the Gauss Trojan: the Palida Narrow font and the unknown encrypted payload.

Previously, we’ve published a blogpost about the encrypted payload hoping that the crypto community will take on the challenge and break the encryption scheme to reveal the true purpose of the mysterious malware.

Yesterday, Jens ‘atom’ Steube, who is best known as the author of ‘(ocl)hashcat’ - a GPU accelerated password recovery tool, released his Gauss cracker as open source software under a GPL license. This is a major breakthrough towards solving the Gauss encryption scheme because of the speeds it achieves: 489k c/s on a AMD Radeon HD 7970 card. If you’re wondering, this is over 30 times faster than an AMD FX 8120 CPU.

You can download the sources and Linux binary from Jens’ 'hashcat' page.

Happy New (Cracking) Year!

Update: Version 1.1 has just been released and includes Windows binaries as well as other enhancements.

2 comments

Oldest first

Newest first

Threaded view

Table view

lightswitch05

2012 Dec 28, 19:10

2

Cool

Thats very exciting! Hopefully we'll know what that payload contains soon. I also created an open source app to check the paths on the computer it is ran on - but its not near as advanced as that one.

https://github.com/lightswitch05/gaussCrack

Edited by lightswitch05, 2012 Dec 28, 19:45

Reply

Bildos

2013 Jan 03, 12:31

1

Is it distributed or not?

Is it distributed cracking or standalone?
What's the current status in Gaus cracking?
It looks like standalone...
Guys from KAV: Could you please coordinate distribute cracking?

Reply

If you would like to comment on this article you must first

login