“Gauss is a complex, nation-state sponsored cyber-espionage toolkit designed to steal sensitive data, with a specific focus on browser passwords, online banking account credentials, cookies, and specific configurations of infected machines,” said Kapersky Labs in a statement Thursday.
It can also infect USB drives and store stolen data in hidden file if it needs to do so."
Russian cybersecurity firm Kaspersky Lab has announced the discovery of a new virus "GAUSS" that is capable of spying on financial transactions, according to its website.
"GAUSS" virus is hitting the Middle East, this time targeting financial and banking information.
The virus, named Gauss after the key internal module, is capable of stealing passwords and login data, as well as communicating system configurations. It can even steal credentials to gain access to banking systems in the Middle East.
One of the viruses modules, named Godel, appears to possess the capability of attacking industrial control systems, Reuters reported. Kaspersky’s researchers believe the modules are named in homage to famous mathematicians and philosophers, including Kurt Godel and Johann Carl Friedrich Gauss.
Kaspersky said on the company’s website that the virus is related to several others that have cropped up in the Middle East: Stuxnet, Flame and Duqu, all of which are cyberweapons. Stuxnet was originally designed to attack Iran’s nuclear program.
According to Kaspersky, Gauss began operation roughly in September of 2011 and was first detected in June. The estimated number of computers infected with the virus is probably in the tens of thousands, which is lower than the number of computers infected by Stuxnet, but significantly higher than the number of computers infected by Flame and Duqu. The highest number of infections appear to be in Lebanon.