2+2=89?

01 Jun 2007

minute read

Authors

Denis Nazarov

This week we added another unusual detection – detection for a calculator virus.

Virus.TI.Tigraa.a is a memory resident virus, and in the best tradition of DOS viruses, it’s a mere 492 bytes in size. It works on Texas Instruments TI-89 graphing calculators (the TI-89, TI-89 Titanium, and the Voyage 200 which will run most programs for the TI-89) with the Motorola 68000 processor. The virus is designed to clear the screen and then display a message saying ‘t89.GAARA’.

Of course, Tigraa.a is classic proof of concept code. It’ll only work on individual calculators, and can’t spread. But nevertheless, it’s created another entry in the roll call of potentially infectable devices.

Authors

Denis Nazarov

2+2=89?

Latest Posts

Latest Webinars

Reports

In October 2022, we identified an active infection of government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions.

Roaming Mantis (a.k.a Shaoye) is a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal data. In 2022, we observed a DNS changer function implemented in its Android malware Wroba.o.

We continue to track the BlueNoroff group’s activities and this October we observed the adoption of new malware strains in its arsenal.

In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government organizations.

2+2=89?

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

Induc, the innovative file infector

An inventive approach

New file infector for Win64

Blackmailer: the story of Gpcode

GpCode: update

CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange

Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)

Two more malicious Python packages in the PyPI

LofyLife: malicious npm packages steal Discord tokens and bank card data

CVE-2022-30190 (Follina) vulnerability in MSDT: description and counteraction

Latest Posts

Malvertising through search engines

The state of stalkerware in 2022

Threat landscape for industrial automation systems for H2 2022

The mobile malware threat landscape in 2022

Latest Webinars

ChatGPT – good or evil? AI impact on cybersecurity

Crimeware and financial predictions for 2023

Advanced persistent threat predictions for 2023

Reversing mobile threats in 2022

Reports

Bad magic: new APT found in the area of Russo-Ukrainian conflict

Roaming Mantis implements new DNS changer in its malicious mobile app in 2022

BlueNoroff introduces new methods bypassing MoTW

Ransomware and wiper signed with stolen certificates

Subscribe to our weekly e-mails