Kaspersky finds new complex security threat

Small companies using web hosting services may need to ensure they have strong security systems in place to protect their operations from cyber-threats, which are growing in complexity and frequency.
In recent years, there have been several high-profile viruses uncovered that it has been suggested are the work of government-sponsored hackers. Viruses such as Stuxnet, Duqu and Flame have become progressively harder to track and may have the potential to do a lot of damage to a business or individual.
This week, security firm Kaspersky announced it has uncovered a new threat, which it stated bears many similarities to the Flame virus from earlier this year. It has named the code Gauss, after the title of its main module.
According to the firm's chief security expert Alexander Gostev, there are several key elements of Gauss - such as its design and code-base - that are shared with Flame. Indeed, it was only by using the knowledge gained from analysing Flame that researchers were able to detect Gauss, which is thought to have been active since September 2011.
Mr Gostev said: "Similar to Flame and Duqu, Gauss is a complex cyber-espionage toolkit, with its design emphasising stealth and secrecy." However, he noted it appears to have a different purpose to the earlier viruses, as it seems to be targeting multiple users with the intention of acquiring large amounts of data, with a focus on banking and financial details.
In additional to gathering access credentials for various online banking systems Kaspersky observed Gauss "steals detailed information about infected PCs including browser history, cookies, passwords, and system configurations". Also, while Flame was apparently focusing on users in Iran, Gauss is thought to be aimed at companies elsewhere in the Middle East, with Lebanon the main target.

Lebanese banks including the Bank of Beirut, EBLF, BlomBank, ByblosBank, FransaBank and Credit Libanais were the primary targets of the malware, Kaspersky's analysis revealed, while it has also been coded to target users of Citibank and PayPal.
Around 2,500 infected machines were uncovered by Kaspersky, though the firm stated it estimates the total number could be in the tens of thousands, making it significantly more widespread than Duqu or Flame. Find out more on how to maintain a dedicated server at snelserver.com.