Gauss malware

Posted: Thu Aug 09, 2012 2:36 pm
by WallShadow


Found an interesting article based on a new malware called Gauss; ... stribution . Gauss seems to be just Flame 2.0 but still the newest of its kind. This whole family of Stuxnet, Duqu, Flame, and now Gauss is making me wonder; what's next? It truly seems like someone with a lot of money and a good team of hackers really wants to get something done. Also, unlike a lot of malware, the article claims that Gauss has no method of propagating and spreading. No drop box virus or worm has yet to be found, so whoever's doing this is taking a manual approach to it in hopes of not getting it spotted.



Posted: Thu Aug 09, 2012 5:55 pm
by cyberdrain
In my opinion all this guerilla warfare on the internet only has losers, the non-military users of the internet. It is a means to an end, but it only takes so long until someone decides the internet is too dangerous and writes something clever that will destroy the backbone instead of end users. Ok, maybe not that dramatic, but it could make the internet very unusable if left unchecked.

Still, it's interesting how this will be played out. I don't think it's manually installed, that'll only make tracing it easier. I think it uses something they didn't consider and that way still is somewhat stealthy. Either the creators are clever enough to only make it spread to non-bate-files or it has a manual switch that once activated will make it spread or stop spreading. This is more likely when looking at the figures of which countries are infected. I think they decided to kill the spreading when the target they were after had been compromised. There is also no use for a sophisticated malware application if it won't infect or collect something from other computers, as you might as well take the information yourself and then leave. Furthermore: you'll only make it more suspicious if it only exists on a single network.

And then there is the case why the infections almost always are around the same area of the world. Why focus there? :roll: