Meet the ‘Gauss’ Virus, Stuxnet and Flame’s New Cousin
“A new virus capable of spying on bank transactions and stealing sensitive data such as browser passwords, cookies and network information has been discovered infecting computers in Middle East.
Called “Gauss,” the virus was designed to siphon data from several major Lebanese banks as well as users of CitiBank and PayPal, sending the stolen information back to its still-unknown creator.
It was detected by Kaspersky Lab, the same security firm that found the Flame virus earlier this summer.
Gauss is very similar to Flame — in fact, it was discovered by Kaspersky exactly because the two share so much DNA. Flame and the new virus have “similar architectural platforms, module structures, code bases and means of communication with command & control (C&C) servers,” according to Kaspersky. However, Gauss can infect USB drives in a “more intelligent” fashion, storing collected information in a hidden file on removable drives.
Kaspersky believes Gauss was likely built in the same “factory or factories” as Flame and Stuxnet, both of which also targeted computers in and around the Middle East. However, neither Lebanon nor banking systems were previously considered a target — Flame and Stuxnet were reported to be products of a secret joint American-Israeli effort targeting Iranian nuclear facilities.”
Read the full article: Click here