Tuesday, August 14, 2012

U.S. Government Virus Spies on Financial Transactions

The shadowy actions of the U.S. Government in cyberspace have taken another chilling turn.

Researchers from Kapersky Labs have been picking apart the Flame virus to find common components that may pop up in similar cyber weapons. Their efforts just paid off.

The newly discovered virus, bearing “Gauss” as a codename, appears to have a very similar architecture to its predecessor and was built with some of the same modular components. However, the virus is far more advanced. It is better at covering its tracks and hiding within computers and USB drives.

Gauss appears to have been created in 2011. The malware has been actively distributed in the Middle East for at least the past 10 months. The vast majority of Gauss infections are in Lebanon.
The virus specifically targets computers within banks and collects as much information about systems as possible. It steals access credentials for banking software, social networks, email addresses and instant messenger accounts.

The coding is also designed to intercept proprietary data required to work with several Lebanese banks. Considering how it works, there can be little doubt regarding the intent of its creators. Lebanon is a Hezbollah stronghold, which is heavily funded by Iran and works very closely with the aggressive militaristic state.

In spite of the very specific targets, incidents appear to be popping up outside of the Middle East. 43 of the incidents occurred in the USA. Kapersky Labs believes it may be due to VPN connections, which mask the real location of the user.

Let's hope they are right. It took almost a year to find Gauss. With how advanced the U.S. Government's cyber weapons are becoming, it could take years to find evidence of anything that is stealing or corrupting our computers today.

No comments: