Today, security experts at Kaspersky Lab revealed their discovery of a new “banking Trojan” named Gauss. According to Kaspersky’s researchers, Gauss is related to the Flame surveillance tool described in May as “one of the most complex threats ever discovered.” The Washington Post reported in June that Flame had been jointly developed by the United States and Israel to secretly map and monitor Iran’s computer networks as part of a cyberwarfare campaign.
Based on the same platform as Flame and sharing some of its functionalities, Gauss can harvest data from computers and send the mined information back to the attackers. Kaspersky’s analysts found that it could hijack account information for social network, email, and IM accounts; intercept browser cookies and passwords; infect USB sticks with a data stealing module; list the content of the system drives and folders; and steal credentials for various banking systems in the Middle East.
Kaspersky estimates that it could have targeted “tens of thousands of victims,” and the researchers say that since late May 2012 they have recorded more than 2,500 infections. The highest number of infections were found in Lebanon, followed by Israel, and Palestine. A smaller number of cases were also detected in the United States, the United Arab Emirates, Qatar, Jordan, Germany, and Egypt.
People talk about drone warfare as a unsustainable form of warfare that will eventually boomerang around to the USA’s own detriment. I suspect this is even more true of cyber warfare, where the entry level is much lower, and where foreign powers can relatively easily bring the USA’s entire internet structure to its knees.
The USA better watch what precedent it is setting…