Virus found in Mideast can spy on bank transactions
By Jim Finkle
BOSTON (Reuters) - A new cyber surveillance virus has been found in the Middle East that can spy on banking transactions and steal login information for social networking sites, email and instant messaging, according to a leading computer security firm, Kaspersky Lab.
Dubbed Gauss, the virus may also be capable of attacking critical infrastructure and was very likely built in the same laboratories as Stuxnet, the computer worm widely believed to have been used by the United States and Israel to attack Iran's nuclear program, Kaspersky Lab said on Thursday.
The Moscow-based firm said it found Gauss had infected more than 2,500 personal computers, the bulk of them in Lebanon, Israel and the Palestinian territories. Targets included Lebanon's BlomBank, ByblosBank and Credit Libanais, as well as Citigroup Inc's Citibank and eBay's PayPal online payment system.
Officials with the three Lebanese banks said they were unaware of the virus. PayPal spokesman Anuj Nayar said the company was investigating the matter but was not aware of any increase in "rogue activity" as a result of Gauss. A Citibank spokeswoman declined to comment.
Kaspersky Lab would not speculate on who was behind Gauss, but said the virus was connected to Stuxnet and two other related cyber espionage tools, Flame and Duqu. The U.S. Department of Defense declined to comment.
"After looking at Stuxnet, Duqu and Flame, we can say with a high degree of certainty that Gauss comes from the same 'factory' or 'factories,'" Kaspersky on its website. "All these attack toolkits represent the high end of nation-state-sponsored cyber-espionage and cyber war operations."
Kaspersky's findings are likely to fuel a growing international debate over the development and use of cyber weapons and espionage tools. Those discussions were stirred up by the discovery of Flame in May by Kaspersky and others.
Jeffrey Carr, an expert on cyber warfare who runs a small security firm known as Taia Global, said the U.S. government has long monitored Lebanese banks for clues about the activities of militant groups and drug cartels. He said Gauss was likely built by adapting technology deployed in Flame. Continued...