Gauss: Stuxnet-Linked Cyber Weapon Hits Lebanon

By Lee Ferran | ABC News – Thu, Aug 9, 2012 2:12 PM EDT

What do you feel about this article?

REACT

Loading...

A new cyber weapon believed to be linked by code to the infamous Stuxnet worm has been discovered stealing banking information in Lebanon, according to Moscow-based cyber security firm Kaspersky Labs.

The new malware, dubbed Gauss for an in-code reference to a German mathematician, is designed to "steal and monitor data from clients of several Lebanese banks," among other nefarious abilities. The code also includes some kind of "special warhead" that is so well encrypted that Kaspersky has been unable to identify it.

Of the more than 2,500 instances of Gauss infections in the Middle East, more than 1,600 of them were discovered in Lebanon and nearly 500 in Israel, Kaspersky said in a blog post.

Kaspersky researchers said they discovered Gauss while investigating Flame, a massive espionage program revealed in May that was able to record nearly everything done on an infected computer, including real-world conversations that took place near it.

Kaspersky researchers had previously linked specific portions of code in Flame to Stuxnet, believed to be the first-ever true cyberweapon to do actual physical damage to its target, an Iranian nuclear facility, and Duqu, a surveillance worm based on Stuxnet. Now the Russian researchers said they believe Gauss to be related to those three as well.

"After looking at Stuxnet, Duqu and Flame, we can say with a high degree of certainty that Gauss comes from the same 'factory' or 'factories,'" the blog post said.

Kaspersky and several other cyber security firms said that Stuxnet and its kin are so sophisticated and required such a commitment of time and expertise that a nation-state was most likely behind their creations. A 2010 Congressional report on Stuxnet put the U.S. and Israel at the top of a short list of probable suspects and the New York Times reported Stuxnet was developed by the two countries as part of a wave of cyber aimed at Iran.

Peter Boogaard, a spokesperson for the U.S. Department of Homeland Security, said the agency is "coordinating with our federal and private sector partners to analyze" Gauss and is "working with organizations that could potentially be affected."

Kaspersky said that while a vast majority of the infections they've detected were centered in Lebanon, there were a few instances of Gauss detected on computer systems in the U.S. and the total number of infections is still unknown.

READ: When Stuxnet Hit the Homeland

Also Read
 
 
Top Locations Austin Atlanta Los Angeles Seoul San Jose

355 comments

  • Ryan
    Ryan  •  2 days 15 hours ago
    um, someone can plant a virus in a computer that can record "real-world conversations that took place near it"?? I am starting to think that those folks who "live off the grid" are not so crazy afterall.
    • Chris
      Chris 2 days 10 hours ago
      Darth, it's like that cheesy SyFy movie Eyeborgs, ha ha ha
    • Darth
      Darth 2 days 11 hours ago
      Living off the grid would be good for now, but after a time with nanotechnology Big Brother may send nanotech cockroaches or spiders or even cute little ladybugs crawling under your door to invade your privacy and see what you're up to in your private world. In case you think this is a paranoid delusion, the Defense Department is looking into the feasibility of all kinds of bio-engineered or perhaps pseudo-biological devices for spying. It's not too far-fetched to see the possibility of using these as assassins as well. Sleep tight and don't let the bedbugs bite!
    • Androgenoide
      Androgenoide 2 days 12 hours ago
      Remember when it came out that Nextel cellphones could be turned on remotely to spy on their users? Of course, that was long before the more sophisticated smart phones we have now...
      Come to think of it... why aren't we hearing more about cell phone viruses? Isn't there enough money in it yet? Or are they only targeting the cell sites and switches themselves?
  • Alan D
    Alan D  •  2 days 14 hours ago
    Welcome to the new Cold War.
    • Alan D
      Alan D 2 days 10 hours ago
      Satellite photos are useful, but they don't tell the whole story by any stretch of the imagination.
    • Paul
      Paul 2 days 11 hours ago
      I see some people don't like intelligence!
    • DJ Spoke Wrench
      DJ Spoke Wrench 2 days 11 hours ago
      Paul: Please infect yourself with a deadly virus.
  • Otto Pilot
    Otto Pilot  •  2 days 14 hours ago
    Is this the point that the Terminator shows up?
    • DJ Spoke Wrench
      DJ Spoke Wrench 2 days 11 hours ago
      Skynet has become self-aware.
    • Panama Joe
      Panama Joe 2 days 12 hours ago
      Well, we DO have robots in the sky killing people ...sounds like Skynet to me!!
  • Echo
    Echo  •  2 days 14 hours ago
    What's to keep a cyber attack from affecting electronic voting in the upcoming election ?
    • Nick Johnson
      Nick Johnson 2 days 10 hours ago
      i read a article stating the voting machine's had 5 back door where someone good with a computer could go in and tamper with the voting machines why would these back doors be built in to the software or what ever in these machines look in to it there is something the doesn't meet the eye here
    • Hastings67
      Hastings67 2 days 10 hours ago
      In most states it is illegal for voting machines either to be or be able to be connected to the Internet, making a "cyber attack" impossible unless someone is breaking some serious laws.
    • DRNK Boner-h
      DRNK Boner-h 2 days 11 hours ago
      Au revoir Mitt
  • Just Old
    Just Old  •  Scottsdale, Arizona  •  2 days 16 hours ago
    I was reading an article one day from a guy that was familiar with the workings of stuxnet. He said they've know how to make this for awhile but no one wanted to go ahead with it because once the technology was released, it would become a Pandora's Box. Looks like he was acurate.
    • Androgenoide
      Androgenoide 2 days 12 hours ago
      It may have taken a highly sophisticated team to come up with the virus in the first place but, once free on the web, it probably doesn't take as much work to modify it for other purposes.
  • Down this now
    Down this now  •  2 days 14 hours ago
    "It takes a thief to catch a thief". So which theiving group do the perpertrators work for? Makes no difference really. Many countries have virus writers, and many probably have the
    same people enployed to block them. Getting paid from both ends. The same people who
    build police radars, also build radar detectors. Get a grip on reality.
  • David
    David  •  Solana Beach, California  •  3 days ago
    Firing off computer virus weapons that can be altered and fired back may not be the smartest idea when we are the most computer dependent country on the globe.
  • GooseyLucy
    GooseyLucy  •  2 days 15 hours ago
    The great technology achievements have done nothing but make it a dream for criminals....and a nightmare for the rest of us..Go back to writing checks or better yet USA CASH!!!
  • PeteWho
    PeteWho  •  2 days 13 hours ago
    That does it. I am clearing out all my over seas accounts and putting it under my mattress.
  • Ed
    Ed  •  Westland, Michigan  •  2 days 14 hours ago
    Starts making a Chase & Sanborn can buried in the backyard look pretty good ----- AGAIN!
  • Just
    Just  •  3 days ago
    Pentagon has said if they were attacked by cyber space, they will consider it as war. Wonder what other nations will say if US attacked their systems?
  • michaelb
    michaelb  •  2 days 13 hours ago
    -dont be suprised when your own technology is turned against you. a major wake up call is incoming soon, and a society that is based on even the most basic of needs being met by machines and has forgotten the most basic of things like how to make a fire on our own that made us able to rise above being just another animal is the worst equipped to deal with it.
  • Moe the Second
    Moe the Second  •  2 days 13 hours ago
    Israel is widely known to be the place where Stuxnet was developed. Now someone has replicated and improved the code. "Germ warfare", except the germ is coming back to bite the hand that fed it. Or maybe not...
  • Mark
    Mark  •  2 days 15 hours ago
    Its just time before it return to its creator states, and we all know who is on the short list.
  • Emery
    Emery  •  2 days 15 hours ago
    I still think a blitz is the best solution in dealing with tyrannical nations, but hey whatever floats you boat. I just wish they would hurry up and melt down irans nuclear systems.
  • mike's reason
    mike's reason  •  Middletown, New York  •  2 days 14 hours ago
    I am waiting for the computer girl who takes care of my needs and never talks back. Then I will buy one.
  • scar
    scar  •  3 days ago
    500 infected computers in Israel? That's interesting........
  • Mark Kusher
    Mark Kusher  •  2 days 14 hours ago
    The US government develops a sophistiated virsus as a cyber weapon for use against Iran and when it's modified and let loose, you blame it on Microsoft? You're delusional. It's our government that's at fault and this type of cyber warfare is the wave of the future.
  • Pete
    Pete  •  Birmingham, Alabama  •  2 days 13 hours ago
    Peter Boogaard, a spokesperson for the U.S. Department of Homeland Security, said the agency is "coordinating with our federal and private sector partners to analyze" Gauss and is "working
    with organizations that could potentially be affected." I believe them don't you? (sarcasem)
  • zyxt
    zyxt  •  2 days 13 hours ago
    Skynet is real.
 Post a comment