Flame-Linked Malware Hits Lebanon
Gauss spyware nabs bank credentials, may attack infrastructure
By Matt Cantor,  Newser User
Posted Aug 10, 2012 8:53 AM CDT
Malware is affecting Lebanese bank clients.   (Shutterstock)

(Newser) – Looks like the people who created Flame are at it again. New malware has struck at least 2,500 computers in 25 countries, the lion's share in Lebanon, Wired reports, noting that "the discovery appears to add to the steadily growing arsenal of malware created by the US and Israeli governments." The so-called Gauss spyware gathers system information and bank login information, and may also be engineered for infrastructure attacks. Predecessors like Stuxnet "were obviously single-goal operations. But here I think what you see is a broader operation happening all in one," says an analyst behind the find.

Apparently created sometime last year, Gauss was discovered by the Russian team that came upon state-backed spyware Flame. It looks to be the first time potentially government-created malware has sought to obtain banking credentials, as criminal hackers often do—though officials would likely use the information for intelligence purposes rather than stealing cash, speculates Wired. Its potential effects on infrastructure still haven't been decoded, but it may have affected far more than the 2,500 computers traced so far: The figure could be in the hundreds of thousands, the Russian analysts say.