Detect the Gauss Virus With Two Tools! Read to Find Out…

Gauss, the destructive virus found a few days ago, has hit the headlines worldwide because the malware has been spying on users' banking transactions, social networking, and email passwords. The main aim of the Gauss virus was to steal access credentials for Lebanese banks. The malware was recently discovered by Kaspersky Lab, and researchers at the security firms have now found tools that can help us detect Gauss early. Let’s take a look at these tools to avoid becoming a victim of this virus.

The Gauss virus is a piece of malware whose main focus is stealing users' bank account login details. The banks that this virus attacked include the Bank of Beirut, BlomBank, EBLF, ByblosBank, Credit Libanais, and FransaBank. In addition, this malware can also steal information for Citibank and PayPal.

And that is not all: the virus can also grab users’ browser history, cookies, passwords, system configurations and more.

Researchers at the security firms Kaspersky Lab and CrySyS Lab have not been able to get much information about the builders themselves because the command and control servers were shut down, which also left Gauss in limbo. It could take days or months to unravel the malware and find its builders.

Gauss is believed to be a descendant of a number of high-profile viruses such as Stuxnet, which became famous after the attack on nuclear plants in Iran in 2010, and Duqu, its sister malware. The Gauss virus is also related to the recently identified Flame, which has been described as a major advancement in cyberespionage.

Gauss and Flame are closely related and have almost the same features. Both viruses were built from the same code base. Kaspersky says the creators of the Stuxnet virus possibly worked closely with those of Gauss and may even have shared source code.

According to Kaspersky, the easiest and most reliable way to detect the Gauss virus is to download and install the security company’s anti-virus solution or to use the Kaspersky Virus Removal Tool, which can be downloaded free of cost.

However, there is also a quick way to detect Gauss on a computer in case the download is not available for some reason. The entire system can be checked using a webpage from CrySyS, a Hungarian research lab. The lab also has a web-based method to help you check your system for Palida Narrow.

You can visit the link at http://gauss.crysys.hu./

Meet Gauss: the Recent Malware Linked with Stuxnet, Flame

Researchers on Thursday revealed the name of a new kind of malicious software that they recently discovered. Named Gauss, this malware seems to have descended from the same state-sponsored program that is known for producing viruses such as Stuxnet and Flame.

The researchers believe that this malware shares the same features as the earlier identified viruses that were meant for computers attached to Iran’s nuclear program. The new software, Gauss, is designed particularly to lift information such as customer data from banks as well as PayPal and Citibank in Lebanon.

It is believed that the earlier detected viruses, Stuxnet and Flame, were developed by the United States and Israel.

The Gauss malware was discovered while researchers were looking for variants of Flame. The name Gauss comes from the main module in the program, which seems to be named for the German mathematician Carl Friedrich Gauss. Other portions of the program are also named for famous mathematicians. The program began circulating as early as September.

So far, Kaspersky Lab, the Russian cybersecurity firm, has found about 2,500 infections but believes there may be tens of thousands worldwide. Along with finding the malware in Lebanon, researchers found it in Israel and the Palestinian territories.

How Gauss is transmitted from computer to computer remains unclear. As the virus can’t spread on its own, it has not yet affected as many computers as Stuxnet. What this virus can do is download monitoring software onto portable USB drives to gather information from uninfected machines. This gives Gauss the chance to profile computers that are not connected to the Internet.

It is also believed that Gauss was designed only for surveillance. It wasn’t made to cause physical damage, unlike Stuxnet, which destroyed centrifuges in the middle of Iran’s nuclear program. But researchers still have to crack sections of Gauss’s code that could hide destructive capabilities.

Researchers said there is a module in Gauss that installs a font under the curious name of “Palida Narrow.” That file does not contain malicious code, but there is an assumption that its name hints at a destructive payload. …