New State-Sponsored Malware "Gauss" Making the Rounds

EliSowash writes "A newly uncovered espionage tool, apparently designed by the same people behind the state-sponsored Flame malware that infiltrated machines in Iran, has been found infecting systems in other countries in the Middle East, according to Kaspersky researchers. Gauss is a nation-state-sponsored banking Trojan which carries a warhead of unknown designation. Besides stealing various kinds of data from infected Windows machines, it also includes an unknown, encrypted payload which is activated on certain specific system configurations. Just like Duqu was based on the 'Tilded' platform on which Stuxnet was developed, Gauss is based on the 'Flame' platform."

Re:So stupid it's got to be official.

[CanHasDIY]

yes but when you use it you are a threat to national security/terrorist....

Unless you run a bank like HSBC.

Then you get a slap on the wrist and stern talkin' to.

Gitmo is reserved for the proles; Party members need not concern themselves.

Re:What?

[FalconZero]

I think it's a mixed bag of things. Unmangled variables would be a great help - could tell you the native language of the developers. Code style can give hints as well - you can compare the style of code with the style of a known sample to give hints. Machine code structure can tell you which compiler was used (which gives you more hints).

If the developers used pure assembler (which people don't any more *laments*), and scrubbed your code properly you could make it much harder to trace (but doing so in itself gives you clues about the creator.

one step closer to the world of Neal Stephenson

[Doubting+Sapien]

In "The Diamond Age", sovereign powers and those with the means engage in (more or less) open conflict using nanomachines colloquially referred to as "mites". Particularly vicious "battles" in these conflicts manifest as smog-like pollution formed by mites of opposing factions destroying each other and leaving inert carcasses hanging in the air and settling over streets, building, etc. like a kind of artificial dust. Those unlucky enough to be caught outside during these times breath them in and have no end of resulting health problems. One of the secondary characters in the story actually ends up in a chronic/palliative care facility as a result of such ill health. Such are the collateral damages in this imagined world. Things like Stuxnet and now the subject of this article appears to be the manifestations of a software form of this type of "armed conflict" (if you can call it that.) Similarly, when non-targeted individuals become infected or otherwise gets caught in the cross-fire, collateral damages result in the form of lost productivity or perhaps just general nuisance. So......

Ask slashdot:

Can you think of an effective way for non-government affiliated denizens of the Internet to respond to such emerging scenarios where geo-politically driven cyber-conflicts have the potential to harm non-participants? For example, would it be appropriate to form an Internet version of the International Red Cross?

May inspire a Windows exodus...

[Kazoo+the+Clown]

If these events cause mass flight from Microsoft products, the NSA or whoever wrote the darn thing might want to think twice before they go to Microsoft asking for any back doors or any other favors, I suspect Ballmer won't take too kindly to the idea of exploiting Windows in the name of national security if it takes a big ding out of their bottom line...