Antivirus experts have called on cryptographers and other clever bods for help after admitting they are no closer to figuring out the main purpose of the newly discovered Gauss supervirus.

While it's known that the complex malware features many information-stealing capabilities, with a specific focus on capturing website passwords, online banking account credentials and system configuration data from infected machines, the content of the virus's encrypted payload is still a mystery.

Kaspersky Lab had tracked Gauss for weeks before announcing its discovery last week. Antivirus experts at the security biz and elsewhere have been burning the midnight oil in the days since, and although progress has been made - for example in analysing its architecture, unique modules and communication methods - the payload encryption is unbroken.

Researchers reckon the hidden binary blob, when decrypted and executed, looks for a program specifically named using an extended character set, such as Arabic or Hebrew. What that program might be remains unclear as long as the encryption remains unbroken.

The general consensus among security experts is that Gauss - like Flame, Duqu and Stuxnet before it - is a nation-state sponsored cyber-espionage toolkit, quite possibly built from the same components as Flame.