Digital security experts have discovered a new cyber-surveillance virus in the Middle East that can steal login and password information and spy on banking transactions, system configurations and other data.
The virus, called “Gauss” after 19th-century German mathematician Johann Carl Friedrich Gauss, appears to have come from the same “factory” as the Stuxnet virus, a 2010 attack on the systems operating Iranian nuclear facilities alleged to have come from the United States and Israel.
The new attack represents “the high end of nation-state-sponsored cyber-espionage and cyberwar operations,” wrote Kaspersky Lab, the firm that discovered the virus, on its website.
Dubbed Gauss, the virus may also be capable of attacking critical infrastructure and was very likely built in the same laboratories as Stuxnet, the computer worm widely believed to have been used by the US and Israel to attack Iran’s nuclear programme, Kaspersky Lab said on Thursday.
The Moscow-based firm said it found Gauss had infected more than 2,500 personal computers, the bulk of them in Lebanon, Israel and the Palestinian territories. Targets included Lebanon’s BlomBank, ByblosBank and Credit Libanais, as well as Citibank and eBay’s PayPal online payment system.
… “After looking at Stuxnet, Duqu and Flame, we can say with a high degree of certainty that Gauss comes from the same ‘factory’ or ‘factories,’ ” Kaspersky [said] on its website. “All these attack toolkits represent the high end of nation-state-sponsored cyber-espionage and cyberwar operations.”