‘Gauss’ malware can steal banking data, passwords


Posted at Aug 17 2012 10:35 AM | Updated as of Aug 17 2012 06:36 PM

MANILA, Philippines – Security software firm Kaspersky Lab warns of a newly discovered malware that has been targeting users in the Middle East.

Dubbed “Gauss,” the company said it is designed to steal browser passwords, online banking account details and cookies on infected computers, among others.

It said Gauss and another recently discovered malware, “Flame,” have similar architectural platforms, module structures, code bases and means of communication with command and control servers.

But unlike Flame, it has harmed a lot more computers.

“Gauss bears striking resemblances to Flame, such as its design and code base, which enabled us to discover the malicious program. Similar to Flame and Duqu, Gauss is a complex cyber-espionage toolkit, with its design emphasizing stealth and secrecy; however, its purpose was different to Flame or Duqu. Gauss targets multiple users in select countries to steal large amounts of data, with a specific focus on banking and financial operation,” said Alexander Gostev, chief security expert at Kaspersky Lab.

Gauss is said to be named after the German mathematician Johann Carl Friedrich Gauss. Its creators are still unknown.

Aside from stealing data, the malware is also capable of infecting USB thumb drives, using them to store collected information in a hidden file.