Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Gauss Malware comes in wake of earlier cyber weapons

FireEye : 13 August, 2012  (Technical Article)
Latest addition to cyber espionage tools can strike banking and social networking platforms as well as the potential for critical infrastructure systems
Gauss Malware comes in wake of earlier cyber weapons
A new computer surveillance virus has been discovered in the Middle East, becoming the latest cyber weapon following the earlier discoveries of Stuxnet, Duqu and Flame. The virus – dubbed Gauss –can retrieve Internet browser passwords, send information about system configurations, steal credentials for accessing banking systems in the Middle East, and hijack login information for social networking sites. It may also be capable of attacking critical infrastructure, and it is suspected that it was built in the same laboratories as Stuxnet, the computer worm developed to attack Iran's nuclear program.

Gauss also marks the first time that nation-state malware has been discovered stealing banking credentials – normally the preserve of relatively low-level criminal hacking groups.

James Todd, technical lead for Europe at FireEye, leader in stopping advanced targeted attacks, has made the following comments:

“While the discovery of the Flame virus may have shocked security experts worldwide, it seems that this was just the tip of the iceberg.  With suggestions that Gauss could in fact be linked to the laboratories that created Flame, Stuxnet and Duqu, it appears that the state-sponsored cyber threat might be more dynamic, fast-moving and incestuous than previously thought.

"Many consider credential stealing malware a social problem and pretty harmless compared to targeted attacks. Gauss destroys that myth. Though it seems that this virus is currently  intended for the theft of bank details, social networking information and other web passwords, we cannot underestimate the seriousness of this discovery and its potential to morph into a virus capable of attacking control systems and other critical infrastructure, as has been suggested.

“In the face of these advanced malware discoveries, organisations must accept the growing security hole in their perimeter and take the threat seriously by reducing their reliance on outdated perimeter security tools that have proven time and time again to be ineffective as a sole defence. In short, we must evolve at least as quickly as the cybercriminals are.  Against a backdrop of political discussions in the US and EU surrounding the prevention of cyber threats and how heavy-handed to be with global enemy states, it is clear that this is becoming a credible government-level issue.”
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo