
In a recent post on the TrendLabs blog, Robert McArdle noted a particular string that certain malware has been using as part of its encryption routine. The string reads “Poshel-ka ti na hui drug aver”, which essentially translates into a “screw you” message. Originally, Trend Micro believed that the word “Aver” could refer to a certain computer hardware reseller based in Moscow. However, someone at Kaspersky pointed out that the word could mean “AVer”, a term commonly used on English virus-writing forums to mean antivirus researcher.

This type of hidden message is hardly the first to be found. They often turn up when AV companies reverse engineer malicious software to figure out how it works so they can write proper definition files to remove it.

A hidden message directed at Symantec:

Dear Symantec:
For years I have longed for just one thing,
to make malware with just the right sting,
you detected my creation and got my domains killed,
but I will not stop,
I can rebuild.

P.S. F*** you a**holes, especially Stephen Doherty who is the biggest f****t I know of.

And lastly, a hidden message directed at numerous AV companies:

we will attack f-secure,symantec,trendmicro,mcafee , etc.
The 11th of march is the skynet day lol .

It’s rather amusing to see these malware writers venting (and ranting) at the people who work very hard to undo what they have done. It’s a vicious cycle and a cat-and-mouse game. At least we know these AV companies are working diligently to remove the nasty malware infections that plague us.

