Kaspersky Lab Discovers "Gauss"

VARINDIA- INDIA'S FRONTLINE IT MAGAZINE

Kaspersky Lab Discovers  
Kaspersky Lab has announced the discovery of  "Gauss", a new cyber-threat, targeting users in the Middle East. Gauss is a nation-state sponsored cyber-espionage toolkit designed to steal sensitive data.
Gauss was discovered during the course of the ongoing effort initiated by the International Telecommunication Union (ITU), following the discovery of Flame. Kaspersky Lab's experts discovered Gauss by identifying commonalities the malicious program share with Flame. These include similar architectural platforms, module structures, code bases and means of communication with command & control (C&C) servers.
The new malware was discovered by Kaspersky Lab's experts in June 2012. Its main module was named by the unknown creators after the German mathematician Johann Carl Friedrich Gauss. 
Multiple modules of Gauss serve the purpose of collecting information from browsers, which include the history of visited websites and passwords. Detailed data on the infected machine is also sent to the attackers, including specifics of network interfaces, the computer's drives and BIOS information. Moreover, the Gauss module is capable of stealing data from the clients of several Lebanese banks. It also targets users of Citibank and PayPal.
Gauss is capable of  "disinfecting" the drive under certain circumstances, and uses the removable media to store collected information in a hidden file. Another activity of the Trojan is the installation of a special font called Palida Narrow, and the purpose of this action is still unknown.
Alexander Gostev, Chief Security Expert, Kaspersky Lab, said, "Gauss bears striking resemblance to Flame, such as its design and code base, which enabled us to discover the malicious program. Similar to Flame and Duqu, Gauss is a complex cyber-espionage toolkit, with its design emphasizing stealth and secrecy. However, its purpose was different to Flame or Duqu. Gauss targets multiple users in select countries to steal large amounts of data, with a specific focus on banking and financial information."

For More Details See
www.varindia.com

Comments

Popular posts from this blog

N Chandrasekaran appointed chairman of Tata Sons

Visa buys NFT based CryptoPunk and paid $150,000 in Etherium

Prizm Payment Services changes its name to Hitachi Payment Services