Home / Channel / Gauss virus to hit banking systems. state funded?

Gauss virus to hit banking systems. state funded?

Kaspersky Lab have found another virus, which they claim could be state funded. This virus, nicknamed GAUSS appears to be have been written by the same people who handled the Flame, data mining virus.

GAUSS has been detected on 2,500 computers, mostly in Lebanon according to Kaspersky. The code tries to acquire logins for email and instant messaging accounts, social networks and also bank accounting information.

The report says that the Bank of Beirut, Byblos Bank, Blom Bank and Credit Libanais have been targeted along with the online payment system Paypal.

Costin Raiu, Kaspersky's director of global research and analysis said in an interview “We have never seen any malware target such a specific range of banks. Generally, cybercriminals target as many banks as possible to maximize financial profit, but this is a very focused cyberespionage campaign targeting certain users of online banking systems.”

Kaspersky labs who are based in Moscow said that they located the GAUSS virus while they were analysing the Flame virus in June.

Nicole Perlroth at the New York Times added “Lebanon experts said that an American cyber espionage campaign directed at Lebanon’s banking system would seem to be a plausible possibility, given Washington’s concerns that the country’s banks are being used as a financial conduit for the Syrian government and for Hezbollah, the Lebanese militant group and political party.

“The United States has had a number of Lebanese banks under the microscope for a while,” said Bilal Y. Saab, a Lebanon expert at the Monterey Institute of International Studies, who said the banks “operate much like Swiss banks” in terms of secrecy. “A computer virus could completely undermine that,” he said.”

Researchers at Kaspersky said that they were confident GAUSS is the work of the same people behind FLAME, especially as both viruses are written in C++ on the same platform and shared some code and features. The company added that Stuxnet and Doqu were probably written by different people, but that all four have probably been commissions by the same state sponsored source.

Become a Patron!

Check Also

Nvidia driver update fixes crucial security vulnerabilities

Nvidia GeForce, RTX, Quadro, NVS and Tesla GPU users will want to update their drivers soon. Nvidia has pushed out a hotfix with a number of critical security fixes that if left unfixed, could allow for unauthorised access to systems.