Lebanon bank

Researchers at security firms Kaspersky Lab and Crysys Lab released tools today to detect if your computer is infected by the Gauss virus, a piece of malware that focuses on stealing bank account login credentials.

Gauss was discovered yesterday by Kaspersky Lab, and its function is to steal access credentials to Lebanese banks. These include the Bank of Beirut, BlomBank, EBLF, ByblosBank, Credit Libanais, and FransaBank. It also steals information for Citibank and PayPal. On top of that, the malware grabs browser history, cookies, passwords, system configurations, and more. Researchers have not been able to get much information about the builders themselves, as the command and control servers were shut down, leaving the malware in limbo.

Gauss is related to a number of high-profile viruses including Stuxnet, which became famous after attacking nuclear plants in Iran in 2010, and its sister malware, Duqu. It is also related to the recently infamous Flame, which has been referred to as a major advancement in cyberespionage.

Gauss and Flame are closer together in relation. Kaspersky says the two share nearly identical features and were built off of the same code base. The firm says Stuxnet’s creators probably worked closely with those of Gauss and may have even shared source code.

Find the Kaspersky detector here and the Crysys detector here.

via The New York Times; Image via Shutterstock


VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more
Become a member