[Cryptography] Previously unknown (I think) Malware

Howard Chu hyc at symas.com
Thu Sep 20 08:13:03 EDT 2018

Ray Dillinger wrote:
> I have recently become aware of some previously unknown malware, and
> need to move it toward analysis/publication/eventual CERT advisory.
> It is tentatively named "Gaslight" because for a while the discoverer
> thought he was going crazy.
> It infects bluetooth devices and definitely does jump between paired
> devices.  It was first observed on an Android/Pixel smartphone. I do not
> know enough about bluetooth hardware to attempt to extract and analyze it.

> The situation is complicated by the fact that the parties whose hardware
> was infected wish to keep their identities private and the infected
> devices may contain identifying, confidential, and/or proprietary data
> belonging to them.

Go buy a few cheap bluetooth headsets and infect them, and forward those on
instead of the original party's items.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

More information about the cryptography mailing list