New State-Sponsored Malware "Gauss" Making the Rounds 106
EliSowash writes "A newly uncovered espionage tool, apparently designed by the same people behind the state-sponsored Flame malware that infiltrated machines in Iran, has been found infecting systems in other countries in the Middle East, according to Kaspersky researchers. Gauss is a nation-state-sponsored banking Trojan which carries a warhead of unknown designation. Besides stealing various kinds of data from infected Windows machines, it also includes an unknown, encrypted payload which is activated on certain specific system configurations. Just like Duqu was based on the 'Tilded' platform on which Stuxnet was developed, Gauss is based on the 'Flame' platform."
Re:So stupid it's got to be official. (Score:4, Interesting)
yes but when you use it you are a threat to national security/terrorist....
Unless you run a bank like HSBC.
Then you get a slap on the wrist and stern talkin' to. [bdnews24.com]
Gitmo is reserved for the proles; Party members need not concern themselves.
Re:What? (Score:4, Interesting)
If the developers used pure assembler (which people don't any more *laments*), and scrubbed your code properly you could make it much harder to trace (but doing so in itself gives you clues about the creator.
State Sponsored... (Score:1, Interesting)
If you follow the verbiage from Kaspersky over the last few years, one may infer he outright hates the US, is working for the FSB or something way out there. So I quote what I saw on Twitter: World according to Kaspersky: 's:^:US developed (Gauss\|Stuxnet\|Flame):g' || if [ -e $MALICE ]|\then|\ echo USA|\ fi
one step closer to the world of Neal Stephenson (Score:3, Interesting)
In "The Diamond Age", sovereign powers and those with the means engage in (more or less) open conflict using nanomachines colloquially referred to as "mites". Particularly vicious "battles" in these conflicts manifest as smog-like pollution formed by mites of opposing factions destroying each other and leaving inert carcasses hanging in the air and settling over streets, building, etc. like a kind of artificial dust. Those unlucky enough to be caught outside during these times breath them in and have no end of resulting health problems. One of the secondary characters in the story actually ends up in a chronic/palliative care facility as a result of such ill health. Such are the collateral damages in this imagined world. Things like Stuxnet and now the subject of this article appears to be the manifestations of a software form of this type of "armed conflict" (if you can call it that.) Similarly, when non-targeted individuals become infected or otherwise gets caught in the cross-fire, collateral damages result in the form of lost productivity or perhaps just general nuisance. So......
Ask slashdot:
Can you think of an effective way for non-government affiliated denizens of the Internet to respond to such emerging scenarios where geo-politically driven cyber-conflicts have the potential to harm non-participants? For example, would it be appropriate to form an Internet version of the International Red Cross?
Re:So stupid it's got to be official. (Score:2, Interesting)
It takes time to develop and test an update and flash a system (not to mention money). Gauss is certainly time-limited, but that might be a feature. If you wanted to shut down Iranian centrifuges, for example, you could just send out a copy specific to those configurations. The Iranian centrifuge operators get attacked, realized they're the target (but nobody believes them), and spend time and money flashing their systems. Next week, Gauss2 comes out, same as last time but with "Penis" appended to the version strings it's looking for. Repeat. Good deniability, no collateral damage and annoying as hell to your target.
May inspire a Windows exodus... (Score:5, Interesting)
Internet terrorism (Score:2, Interesting)
Countries that release stuff like this into the wild are criminal rogue states. It's like dumping agent-orange not just on the jungles of Vietnam during war, but on the entire planet as a whole.
There are no borders on the Internet. What you release is not limited to your target and affects everyone.
One can only hope that the governments that released Flame, Stuxnet, and now this, become victims of their own weapons.
Yes, I do know who that likely means. I certainly hope it comes back to bite us like a torpedo circling around and targeting its own submarine. Maybe then someone will learn a thing or two about not shitting where you eat.
--
BMO