Gauss who's come to bug your PC.
It's bigger and more potent than Flame. Four months after the last attack, another cyber snooping virus named Gauss has been unleashed in the Middle East, and financial transactions, social media and e-mails may be at risk. Computers in Lebanon, Israel and Palestine have been the worst affected, but there is no need to panic in the UAE, a senior researcher at Kaspersky Labs, which detected the virus, told Khaleej Times on Thursday.
This is industrial scale cyber-espionage and it's a targeted attack from the same source as Stuxnet and Flame. ''It is pretty dangerous and banking credentials can be compromised; funds can be stolen and financial transaction can be monitored by the Trojan,'' according to Stefan Tanase, senior security researcher with Kaspersky Labs.
A lot of resources have been put into this operation, said Tanase, who specialises in Web security, malware 2.0, and threats which target Internet banking systems, including phishing.
Gauss is believed to have been developed last year or in early 2012 and has similarities to the Flame project. It has been active in the Middle East for the past 10 months. Flame targeted Iran, while Gauss has infected 1,660 computers in Lebanon, followed by 463 in Israel and 261 in Palestine. Only 11 computers have been found with the malware in the UAE, according to Kaspersky. Four computers have been attacked in Egypt, Qatar, Saudi Arabia, Jordan and Syria. ''There's no need to panic in the UAE and regular users do not face any direct risk,'' said Tanase. Two international banks operating in the UAE said they are aware of the new virus and are prepared to combat any possible threat.
"At present we have no information if Gauss is creating any problem with regard to financial transactions within the UAE," a spokesman for one of the banks said.
Gauss can intercept user sessions and steal passwords, cookies and browser history. When let loose, it can gather information about the computer's network connections. Information on processes and folders may be compromised, and Kaspersky said the virus can mine for data in local, network and removable drives.
It is capable of infecting USB drives with a spy module in order to steal information from other computers. It can also tamper with the command and control server and download additional modules.
Reuters reported than a United Nations agency that advises countries on protecting critical infrastructure plans to send an alert on the mysterious code.
"We are going to, of course, inform member states that there is an unknown payload," said Marco Obiso, a cyber security coordinator for the UN's Geneva-based International Telecommunications Union.
"We don't know what exactly it does. We can have some ideas. We are going to emphasise this," he said.
Gauss's predecessor Flame was blamed by Iran for causing data loss on computers in the country's main oil export terminal and oil ministry.
But Gauss is unique in its encrypted payload, which Tanase said the Lab hasn't been able to crack yet. ''The payload is run by infected USB sticks and is designed to surgically target a certain system (or systems) which have a specific program installed,'' Kaspersky said.
Copyright 2012 Khaleej Times. All Rights Reserved.
Provided by Syndigate.info an Albawaba.com company
|Printer friendly Cite/link Email Feedback|
|Publication:||Khaleej Times (Dubai, United Arab Emirates)|
|Date:||Aug 9, 2012|
|Previous Article:||Man United IPO prices below expectations.|
|Next Article:||SMS, Twitter drive to spread consumer rights awareness.|