Security firm Kaspersky Labs warns of "Gauss", a newly discovered piece of malware that has much in common with the "Flame" and "Stuxnet" worms. The new Trojan is designed to steal large amounts of data, with a specific focus on online banking users and social networkers in the Middle East:
"Gauss bears a striking resemblance to Flame, with its design and code base, which enabled us to discover the malicious program. Similar to Flame and Duqu, Gauss is a complex cyber-espionage toolkit, with its design emphasising stealth and secrecy; however, its purpose was different than Flame or Duqu," said Alexander Gostev, chief security expert at Kaspersky Lab.
"Gauss targets multiple users in select countries to steal large amounts of data, with a specific focus on banking and financial information."
According to the firm Gauss is nation-state sponsored and snarfs up sensitive data. Although it has similarities with other bad actors, the bank account focus appears to be unique to it. Kaspersky Lab described it as a cyber-weapon.
Kaspersky Labs has discovered around 2,500 infections and estimates that tens of thousands of users may be infected with Gauss. The Trojan has an eye for Lebanese banks, including Bank of Beirut, Fransabank and Credit Libanais, but it also targets Citibank and PayPal users.