Gauss cyber-spying virus Q&A

August 9, 2012

A new computer virus, dubbed Gauss, has been discovered in the Middle East. Researchers say it can steal banking credentials and hijack login information for social networking sites, email and instant messaging accounts.

Cyber security firm Kaspersky Lab said Gauss is the work of the same “factory” or “factories” that built the Stuxnet worm, which attacked Iran’s nuclear program.

Here are some key facts about Gauss, according to Kaspersky Lab.

Q. What is its purpose?

A. Gauss is a surveillance tool. It steals credentials for hacking online banking systems, social networking sites and email accounts; it also gathers information about infected PCs, including Web browsing history, system passwords and the contents of disk drives.

Q. Can it do anything else?

A. There is a mysterious module, known as Godel, that copies malicious code onto USB drives when they are plugged into infected PCs. Godel’s purpose is unknown because some of its code is compressed and scrambled using a sophisticated encryption method. It only activates when it infects a predetermined target.

Researchers have not identified the target or figured out its mission. Kaspersky Lab senior researcher Roel Schouwenberg said he believes it may be a “warhead” designed to damage industrial control systems.

Q. How many victims are there?

A. Kaspersky Lab has uncovered more than 2,500 computers infected with Gauss since late May. It estimates the total number of victims is in the tens of thousands. The largest number of infections were found in Lebanon, followed by Israel and the Palestinian Territories.

Q. Is Gauss still a threat?

A. Yes. Infected USB drives could still launch attacks. Servers that controlled infected machines were shut down in July, so it is unlikely that any more information will be stolen from the surveillance part of the operation.

Q. Why is it called Gauss?

A. The virus is built using modules with internal names that appear to be inspired by famous mathematicians and philosophers, including Kurt Godel, Johann Carl Friedrich Gauss and Joseph-Louis Lagrange. Kaspersky named the entire operation after the Gauss component as it implements the data-stealing capabilities.
