Gauss: Stuxnet-like cyber-espionage toolkit targets Middle East banks

By Leeky
Aug 10, 2012
Post New Reply
  1. Kaspersky security analysts have identified another cyber-threat (PDF) targeting the Middle East as part of ongoing research into Flame. Named Gauss, it displays all the hallmarks of being part of the same family as Flame (Stuxnet, Duqu) and is compromising financial……

    Read more
  2. gwailo247

    gwailo247 TechSpot Chancellor Posts: 2,105   +18

    I have a feeling that Israel is going to demolish Iran without the use of a single soldier or plane.

    Pretty soon we're going to see an actual cyber war.
  3. Sphynx

    Sphynx Newcomer, in training Posts: 35

    You are living in cloud cuckoo land If you think Israel is going to demolish Iran with cyber-warfare.

    Pulling off a cyber-attack of that magnitude on Iran is actually more difficult (and less practical) than you realize.
  4. TJGeezer

    TJGeezer TechSpot Enthusiast Posts: 385   +10

    If the targeted banks have publicly traded stocks, look for an unexplained short-selling peak just before the encrypted payloads activate. (At least, that's what happened before a physical attack destroyed the WTC in New York.) We may already have an actual cyber war under way. When a nation state attacks another nation state's financial institutions, it ain't exactly friendly. Hard to say how practical or effective it is, since it's uncharted territory.
  5. Tygerstrike

    Tygerstrike TechSpot Enthusiast Posts: 827   +93

    I like that they dont know who created this program. Who is using it. Who will benifit from this. I personally think the idea of being able to subvert a possible physical war is a great idea. Yes its the banks getting hit, but we can guarentee that its not some criminal or money would be flying out of those banks.
  6. Leeky

    Leeky TechSpot Evangelist Topic Starter Posts: 4,378   +98

    @Tygerstrike,
    Researchers have pointed the fingers in the general direction of both Israel and the United States, summarising that the two are the most likely to have had the resources to construct them. Either way, it isn't a Chinese hacker in his back garden workshop, its a massively funded, government level project and the USA is in high probability behind it.

    According to a book recently published; Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power, the US built the Stuxnet worm with the aim of crippling nuclear facilities used by Libya's Qadaffi regime -- despite apparently not knowing it would even be required at the time!

    Initially the earlier portions of the US-written code (that later became Stuxnet) infiltrated the closed Natanz network and gave the government an entire map of its hardware and network infrastructure.

    Then "somehow" the worm leaked and ended up in the Israeli's hands. They adapted it and then (most likely) using double agents once again infiltrated the closed network of the Iranian Natanz refining facility and locally uploaded the modified code via USB memory sticks, resulting in the plants centrifuge's being shaken til they literally fell apart.

    Then fate stepped in. Somehow, on a workers computer the worm left the private Natanz network and ended up on the internet. It was then found by security researchers and subsequently reverse-engineered to the state we're at today. Both Stuxnet, Duqu, Flame and Gauss were in high probability written by the same people, in the same "factory" and are very closely related in many ways.

    I doubt this is the end of it either, the next threat could potentially already be in the wild and doing damage.
  7. Tygerstrike

    Tygerstrike TechSpot Enthusiast Posts: 827   +93

    lol thanks for the info Leeky. I was trying to state how there is no definative proof. Its all supposition. Of course no one is going to step forward and claim ownership of the program. That individual is either a govt employee or dead. Its just that we dont know who is really using the program. It may be Isriel or the US, but it could also be the Saudi's. It could be Syria. I guess untill someone gets caught or the creator of the program steps forward, we wont know.
  8. The cyber attack has a purpose: Trace the money going into Hezbullah and Hamas.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.