Kaspersky uncovers new Middle East virus

2012-08-09 17:03
Kaspersky Lab does analysis of malware threats at its offices in Moscow. (Duncan Alfreds, News24)

Kaspersky Lab does analysis of malware threats at its offices in Moscow. (Duncan Alfreds, News24)

Multimedia   ·   User Galleries   ·   News in Pictures Send us your pictures  ·  Send us your stories

Video

VIDEO: Malware evolution

2012-07-19 10:03

Malware has evolved to match consumer patterns. In this YouTube video, Vitaly Kamluk, chief malware expert at Kaspersky lab explains the process.WATCH

Boston - A new cyber surveillance virus has been found in the Middle East that can spy on financial transactions, e-mail and social networking activity, according to a leading computer security firm, Kaspersky Lab.

Dubbed Gauss, the virus may also be capable of attacking critical infrastructure and was built in the same laboratories as Stuxnet, the computer worm widely believed to have been used by the US and Israel to attack Iran's nuclear programme, Kaspersky Lab said on Thursday.

The Moscow-based firm said it found Gauss had infected personal computers in Lebanon, Israel and the Palestinian Territories. It declined to speculate on who was behind the virus but said it was related to Stuxnet and two other cyber espionage tools, Flame and Duqu.

"After looking at Stuxnet, Duqu and Flame, we can say with a high degree of certainty that Gauss comes from the same 'factory' or 'factories'," Kaspersky Lab said in a posting on its website.

"All these attack toolkits represent the high end of nation-state-sponsored cyber-espionage and cyber war operations."

Login information


Kaspersky Lab's findings are likely to fuel a growing international debate over the development and use of cyber weapons. Those discussions were stirred up by the discovery of Flame in May by Kaspersky and others. Washington has declined comment on whether it was behind Stuxnet.

According to Kaspersky Lab, Gauss can steal internet browser passwords and other data, send information about system configurations, steal credentials for accessing banking systems in the Middle East, and hijack login information for social networking sites, e-mail and instant messaging accounts.

Modules in the Gauss virus have internal names that Kaspersky Lab researchers believe were chosen to pay homage to famous mathematicians and philosophers, including Johann Carl Friedrich Gauss, Kurt Godel and Joseph-Louis Lagrange.

Kaspersky Lab said it called the virus Gauss because that is the name of the most important module, which implements its data-stealing capabilities.

One of the firm's top researchers said Gauss also contains a module known as "Godel" that may include a Stuxnet-like weapon for attacking industrial control systems.

Stuxnet, discovered in 2010, spread via USB drives and was designed to attack computers that controlled the centrifuges at a uranium enrichment facility in Natanz, Iran.

Read more on:    kaspersky lab  |  cybercrime
NEXT ON NEWS24X

linking and moving

2015-04-22 07:36

SHARE:

Read News24’s Comments Policy

24.com publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
3 comments
Add your comment
Comment 0 characters remaining

Inside News24

 
/News
 

Top 10 richest musicians of all time

Check out the gallery to find out who they are!

 
 

Luxury living

Seven of the most expensive children's toys ever made
5 millionaires turned murderers
The youngest billionaires in the world and how they made it
Watch: Flying first class has never been this luxurious!
Horoscopes
Aquarius
Aquarius

You are active, busy and on a mission today. There may be a special person you wish to entertain and may put in the extra effort...read more

There are new stories on the homepage. Click here to see them.
 
English
Afrikaans
isiZulu

Hello 

Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.


Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Settings

Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.




Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.