State-sponsored 'Gauss' cyber-weapon targeted Lebanon, says Kaspersky

2 Comments

Security company Kaspersky Lab on Thursday announced it had discovered a malware called Gauss which ran from September 2011 to July 2012, and was similar in design to the notorious Flame worm. The company believes Gauss to have been another state-sponsored cyberweapon.

Kaspersky said Gauss was discovered because of the increased efforts to identify and halt international cyber-weapons in the wake of Flame, Stuxnet, Duqu, and other military-grade security threats.

Gauss, according to the security company, was designed to steal sensitive information such as browser passwords, online banking account credentials, cookies, and local machine configurations/settings, and it infected approximately 2,500 machines, with Lebanon being the major target. Flame infected only about 700 machines.

"Functionally, Gauss is designed to collect as much information about infected systems as possible, as well as to steal credentials for various banking systems and social network, email and IM accounts. The Gauss code includes commands to intercept data required to work with several Lebanese banks - for instance, Bank of Beirut, Byblos Bank, and Fransabank," says the company's documentation of the malware.

"Code references and encryption subroutines, together with the Command and Control infrastructure make us believe Gauss was created by the same 'factory' which produced Flame. This indicates it is most likely a nation-state sponsored operation," the company said.

Kaspersky takes an aggressive position on international cyberwarfare, and warns that there is currently a global cyber arms race being built.

With this in mind, the company points out the major victims of the two similarly-crafted malwares were very different: Flame appeared to have targeted Iran, while Gauss appeared to have targeted Lebanon.

The command and control server IPs for Gauss were located in India, Portugal, and The United States, and the domains related to the malware were hosted alternately in India and Portugal as well.

2 Comments

2 Responses to State-sponsored 'Gauss' cyber-weapon targeted Lebanon, says Kaspersky

Got News? Contact Us

Recent Headlines

The psychological impact of phishing attacks on your employees

Canonical releases Ubuntu Linux 24.04 LTS 'Noble Numbat'

New tool lets enterprises build their own secure gen AI chatbots

Younger women are going into cybersecurity but more needs to be done

Politically motivated DDoS attacks on the rise

TCL 50 XL 5G Android smartphone hits Metro by T-Mobile: Big features, small price

The increasing sophistication of synthetic identity fraud

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

62 Comments

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

22 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

21 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

18 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

18 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

17 Comments

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

10 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.