Gauss malware

The constant threat: viruses, trojans, spyware, ... the list goes on

Gauss malware

Post by WallShadow on Thu Aug 09, 2012 2:36 pm
([msg=68649]see Gauss malware[/msg])

Good afternoon HTS,

Found an interesting article based on a new malware called Gauss; http://www.securelist.com/en/analysis/2 ... stribution . Gauss seems to be just Flame 2.0 but still the newest of its kind. This whole family of Stuxnet, Duqu, Flame, and now Gauss is making me wonder; what's next? It truly seems like someone with a lot of money and a good team of hackers really wants to get something done. Also, unlike a lot of malware, the article claims that Gauss has no method of propagating and spreading. No drop box virus or worm has yet to be found, so who's ever doing this is taking a manual approach to it in hopes of not getting it spotted.

What do you guys think?
User avatar
WallShadow
Contributor
Contributor
 
Posts: 594
Joined: Tue Mar 06, 2012 9:37 pm
Blog: View Blog (0)


Re: Gauss malware

Post by cyberdrain on Thu Aug 09, 2012 5:55 pm
([msg=68658]see Re: Gauss malware[/msg])

In my opinion all this guerilla warfare on the internet only has losers, the non-military users of the internet. It is a means to an end, but it only takes so long until someone decides the internet is too dangerous and writes something clever that will destroy the backbone instead of end users. Ok, maybe not that dramatic, but it could make the internet very unusable if left unchecked.

Still, it's interesting how this will be played out. I don't think it's manually installed, that'll only make tracing it easier. I think it uses something they didn't consider and that way still is somewhat stealthy. Either the creators are clever enough to only make it spread to non-bate-files or it has a manual switch that once activated will make it spread or stop spreading. This is more likely when looking at the the figures of which countries are infected. I think they decided to kill the spreading when the target they were after had been compromised. There is also no use for a sophisticated malware application if it won't infect or collect something from other computers, as you might as well take the information yourself and then leave. Furthermore: you'll only make it more suspicious if it only exists on a single network.

And then there is the case why the infections almost always are around the same area of the world. Why focus there? :roll:
Free your mind / Think clearly
User avatar
cyberdrain
Contributor
Contributor
 
Posts: 982
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)



Return to Malware

Who is online

Users browsing this forum: No registered users and 0 guests