Kaspersky Discovers New IT Virus Linked To Stuxnet
Kaspersky Lab said Thursday it has discovered "Gauss," a new computer virus apparently designed to monitor online bank transactions in the Middle East.
"Gauss is a complex, nation-state sponsored cyber-espionage toolkit designed to steal sensitive data, with a specific focus on browser passwords, online banking account credentials, cookies, and specific configurations of infected machines," Kaspersky said in a statement.
The company added that "The online banking Trojan functionality found in Gauss is a unique characteristic that was not found in any previously known cyber-weapons."
Kaspersky Lab said that the newly-discovered virus shared similarities in terms of structure and operation with Flame, a program aimed at vacuuming information from target computers. Flame in turn shared similarities with Stuxnet, a program experts believe was designed to sabotage Iran's disputed nuclear program.
The Russian software specialist said further that Gauss came into light during the course of the ongoing effort initiated by the International Telecommunication Union (ITU), following the discovery of Flame, which was described as the most sophisticated malware ever found.
"Analysis of Gauss shows it was designed to steal data from several Lebanese banks including the Bank of Beirut, EBLF, BlomBank, ByblosBank, FransaBank and Credit Libanais," the statement said, adding that "it targets the users of Citibank and PayPal."
"Another key feature of Gauss is the ability to infect USB thumb drives, using the same LNK vulnerability that was previously used in Stuxnet and Flame," Kaspersky explained.
However, the firm said that at the present time, the Gauss Trojan is successfully detected, blocked and remediated by Kaspersky Lab's products, classified as Trojan-Spy.Win32.Gauss.
The company added that "The online banking Trojan functionality found in Gauss is a unique characteristic that was not found in any previously known cyber-weapons."
Kaspersky Lab said that the newly-discovered virus shared similarities in terms of structure and operation with Flame, a program aimed at vacuuming information from target computers. Flame in turn shared similarities with Stuxnet, a program experts believe was designed to sabotage Iran's disputed nuclear program.
The Russian software specialist said further that Gauss came into light during the course of the ongoing effort initiated by the International Telecommunication Union (ITU), following the discovery of Flame, which was described as the most sophisticated malware ever found.
"Analysis of Gauss shows it was designed to steal data from several Lebanese banks including the Bank of Beirut, EBLF, BlomBank, ByblosBank, FransaBank and Credit Libanais," the statement said, adding that "it targets the users of Citibank and PayPal."
"Another key feature of Gauss is the ability to infect USB thumb drives, using the same LNK vulnerability that was previously used in Stuxnet and Flame," Kaspersky explained.
However, the firm said that at the present time, the Gauss Trojan is successfully detected, blocked and remediated by Kaspersky Lab's products, classified as Trojan-Spy.Win32.Gauss.
