Gauss: Nation-state cyber-surveillance meets banking Trojan

From Botnets.fr

Botnet Gauss, Stuxnet, Flame
Date 2012 / August 09, 2012
Editor/Conference Kaspersky lab
Link http://www.securelist.com/en/blog/208193767/Gauss_Nation_state_cyber_surveillance_meets_banking_Trojan (Archive copy)
Author GReAT

Abstract

Gauss is the most recent cyber-surveillance operation in the Stuxnet, Duqu and Flame saga.

It was probably created in mid-2011 and deployed for the first time in August-September 2011. Gauss was discovered during the course of the ongoing effort initiated by the International Telecommunications Union (ITU), following the discovery of Flame. The effort is aimed at mitigating the risks posed by cyber-weapons, which is a key component in achieving the overall objective of global cyber-peace. In 140 chars or less, “Gauss is a nation state sponsored banking Trojan which carries a warhead of unknown designation”. Besides stealing various kinds of data from infected Windows machines, it also includes an unknown, encrypted payload which is activated on certain specific system configurations. Just like Duqu was based on the “Tilded” platform on which Stuxnet was developed, Gauss is based on the “Flame” platform. It shares some functionalities with Flame, such as the USB infection subroutines. In this FAQ, we answer some of the main questions about this operation. In addition to this, we are also releasing a full technical paper (HTML version and PDF version) about the malware’s functionalities.

Bibtex

 @misc{2012BFR1078,
   editor = {Kaspersky lab},
   author = {GReAT},
   title = {Gauss: Nation-state cyber-surveillance meets banking Trojan},
   date = {09},
   month = Aug,
   year = {2012},
   howpublished = {\url{http://www.securelist.com/en/blog/208193767/Gauss_Nation_state_cyber_surveillance_meets_banking_Trojan}},
 }