Meet Gauss: the Recent Malware Linked with Stuxnet, Flame

Researchers on Thursday revealed the name of a new kind of malicious software that they recently discovered. Named Gauss, this malware seems to have descended from the same state-sponsored program that is also known for producing viruses such as Stuxnet and Flame.

The researchers believe that this malware shares features with the earlier identified viruses that were meant for computers attached to Iran’s nuclear program. The new software, Gauss, is designed particularly to lift information such as customer data from banks as well as PayPal and Citibank in Lebanon.

It is believed that the earlier detected viruses, Stuxnet and Flame, were developed by the United States and Israel.

The Gauss malware was discovered while researchers were looking for variants of Flame. The name Gauss comes from the main module in the program, which seems to be named for German mathematician Carl Friedrich Gauss. Other portions of the program are also named for famous mathematicians. The program began circulating as early as September.

So far, Kaspersky Lab, the Russian cybersecurity firm, has found about 2,500 infections but believes there may be tens of thousands worldwide. Along with finding the malware in Lebanon, researchers found it in Israel and the Palestinian territories.

How Gauss is transmitted from computer to computer remains unclear. As the virus can’t spread on its own, it has not yet affected as many computers as Stuxnet. What this virus can do is download monitoring software onto portable USB drives to gather information from uninfected machines. This gives Gauss the chance to profile computers that are not connected to the Internet.

It is also believed that Gauss was designed only for surveillance. It wasn’t made to cause physical damage, unlike Stuxnet, which destroyed centrifuges in the middle of Iran’s nuclear program. But researchers still have to crack sections of Gauss’s code that could hide destructive capabilities.

Researchers said there is a module in Gauss that installs a font under the curious name of “Palida Narrow.” That file does not contain malicious code, but there is an assumption that its name hints at a destructive payload.…


Android Malware and Threats: Budding Up in 2012 Olympics

Cyber threats and security are among the main points that authorities at the London 2012 Olympics need to take into consideration, as hackers are getting more and more creative with malware attacks. Google’s Android is one mobile operating system that is described as being plagued by the most malware attacks.

As the London 2012 Olympics have gained popularity everywhere, hackers have already started to exploit this international event. Hackers and spammers have taken advantage of it and have filled inboxes everywhere with Olympic-related spam.

Webroot, an anti-malware and anti-virus solutions provider, has issued a note warning people about the various applications that have become available with the upsurge of events going on throughout the Olympics.

This goes side by side with other cyber threats connected to the 2012 Olympic Games that can concern all viewers. RSA also released a note giving people tips on how to deal with Olympics-related phishing emails and media alerts designed to steal people’s personal information.

Researchers at Webroot referred to “London Olympics Widget,” an application designed to display collective Olympic news coverage. However, they say that this application is in fact disguised to collect the user’s contact list and device ID even while they read SMS messages.

Webroot warns people to be particularly careful when they download applications.

In spite of all disputes related to phishing and scams, Android still remains an open source platform, which makes the mobile OS quite susceptible to such attacks.

Moreover, stores such as Google Play and the Amazon Appstore are noted not to monitor all the applications in their digital app stores until they are reported. And nobody really wants to be the test case.

Webroot advises people to be smart: look at an application’s author and then search for the name to see whether the provider is a trustworthy company or developer.

During a Google I/O session in June, Android security personnel gave out some tips for the developer side of things that could build more trust among consumers as well, including providing a clear privacy policy.…


Cybersecurity Bill Did Not Get Enough Support in Senate


A security-related bill that could prevent large-scale cyber attacks failed to get support from Senate members on Thursday. The bill was considered essential for the security of the nation’s infrastructure, including water supplies and the electrical grid.

Despite consent and strong endorsement from top military and national security officials, the bill was unable to get the two-thirds majority in the chamber that was necessary to take it to the next stage. The failure to pass the bill has raised many questions.

“This is one of those days when I fear for our country and I’m not proud of the United States Senate,” Sen. Joseph I. Lieberman (I-Conn.), one of the bill’s chief sponsors, said ahead of the vote. “We’ve got a crisis, and it’s one that we all acknowledge. It’s not just that there’s a theoretical or speculative threat of cyber attack against our country — it’s real.”

For their part, the White House and the Democratic and Republican sponsors have decided to make security standards stricter. At the same time, they have decided to keep these security standards voluntary rather than mandatory for companies that control the nation’s infrastructure.

However, most people in the business sector are not happy even with the voluntary standards, because of which the proposal will have to be sent back to the House bill, where necessary changes will be made.

White House press secretary Jay Carney said on the matter, “Despite the president’s repeated calls for Congress to act on this legislation, and despite pleas from numerous senior national security officials from this administration and the Bush administration, the politics of obstructionism, driven by special interest groups seeking to avoid accountability, prevented Congress from passing legislation to better protect our nation from potentially catastrophic cyber-attacks.”

One of the major problems the government faces in passing this bill is that most of the nation’s at-risk systems are run by the private sector. Legislators will therefore have to look for a balanced solution that works for the private sector and that encourages companies to tighten their security, and to do so voluntarily.

“We worked hard for more than three years and now, because a handful of Republican senators are afraid of crossing the Chamber of Commerce’s beltway lobbyists, we may end up with nothing on this urgent issue,” Rockefeller said Thursday.

Nevertheless, Republican critics are of the view that no kind of security measure is required, as that will only put a financial strain on private companies. They also said that government intervention is not required on this issue.

Later it was clarified that members of parliament had also voted against the bill because they were not allowed to make necessary changes to it.

“We all recognize the problem. That’s not the issue here,” Senate Minority Leader Mitch McConnell (R-Ky.) said Thursday morning. “This is a big, complicated, far-reaching bill that involves several committees of jurisdiction,” he added. “Democrat leaders haven’t allowed any of these committees to improve the bill or even vote on it.”

With Congress all set to leave for a month-long break, no one was sure when the issue would be ready for a vote again.…
