6

Maybe some of you remember that in November 2013 the respected researcher Dragos Ruiu claimed that he was infected by some super advanced virus that no one had ever heard of before. Experts agreed that the things he described are possible, but the idea that such an advanced piece of software was used to tease one researcher was very unlikely. Some began speculating that he could have started going mentally unstable.

And...
That's all. All the information I can find today about this whole situation is from 2013. It is October 2014, and there is no info on the internet about how this case was resolved. Do any of you know the final story? It is a bit strange that something of such significance never reached a conclusion.

Liberat0r
  • I sometimes have a feeling that people on Stack Exchange forums don't really read posts, but just click buttons at random. This post is obviously different from the mentioned one, and just because the topic is similar doesn't mean it is a duplicate. – Liberat0r Oct 24 '14 at 07:23

1 Answer

2

It has graduated to crazytown:

http://www.reddit.com/r/badbios

However, there was a research implementation that proved functionality:

http://www.theregister.co.uk/2013/12/05/airgap_chatting_malware/

Moreover, there has been documentation showing similar work has been deployed in the intelligence community:

http://www.pcworld.com/article/2087893/forget-badbios-nsa-turns-to-pirate-radio-to-target-air-gapped-computers.html

Fred Concklin
  • Forgive my ignorance, but what is crazytown? :) – Liberat0r Oct 24 '14 at 14:27
  • The articles linked deal with covert communication between infected (or deliberately installed) devices. Ruiu claimed infection over the channel. All the other studies are showing that the channel requires previous infection. In those scenarios, the channel is used for data theft, or surveillance or C&C, but not for infection. Infection is the actual transmission of malware to the target that specifically compromises the host. In the papers you list, the hosts have to already be compromised. – Keith Tyler Apr 18 '22 at 23:02