Difference between revisions of "Gauss: Nation-state cyber-surveillance meets banking Trojan"
Latest revision as of 18:58, 7 February 2015
Gauss: Nation-state cyber-surveillance meets banking Trojan | |
---|---|
Botnet | Gauss, Stuxnet, Flame |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2012 / August 09, 2012 |
Editor/Conference | Kaspersky lab |
Link | http://www.securelist.com/en/blog/208193767/Gauss_Nation_state_cyber_surveillance_meets_banking_Trojan (Archive copy) |
Author | GReAT |
Type |
Abstract
“Gauss is the most recent cyber-surveillance operation in the Stuxnet, Duqu and Flame saga.
It was probably created in mid-2011 and deployed for the first time in August-September 2011. Gauss was discovered during the course of the ongoing effort initiated by the International Telecommunications Union (ITU), following the discovery of Flame. The effort is aimed at mitigating the risks posed by cyber-weapons, which is a key component in achieving the overall objective of global cyber-peace. In 140 chars or less, “Gauss is a nation state sponsored banking Trojan which carries a warhead of unknown designation”. Besides stealing various kinds of data from infected Windows machines, it also includes an unknown, encrypted payload which is activated on certain specific system configurations. Just like Duqu was based on the “Tilded” platform on which Stuxnet was developed, Gauss is based on the “Flame” platform. It shares some functionalities with Flame, such as the USB infection subroutines. In this FAQ, we answer some of the main questions about this operation. In addition to this, we are also releasing a full technical paper (HTML version and PDF version) about the malware’s functionalities.”
Bibtex
@misc{2012BFR1078,
  editor = {Kaspersky lab},
  author = {GReAT},
  title = {Gauss: Nation-state cyber-surveillance meets banking Trojan},
  date = {09},
  month = Aug,
  year = {2012},
  howpublished = {\url{http://www.securelist.com/en/blog/208193767/Gauss_Nation_state_cyber_surveillance_meets_banking_Trojan}},
}