Updated! Virus Seeking Bank Data Is Tied to Attack on Iran
Ðґℙ☺ṧ⊥мαη Disgruntled but unarmed User ID: 111522 08-09-2012 07:08 PM
Posts: 11,786
Updated! Virus Seeking Bank Data Is Tied to Attack on Iran
A new “cyber-espionage” toolkit that can track browser passwords, online banking credentials, cookies and other personal data has been identified in the wild, security researchers have announced. “Gauss” has until now been targeting users in the Middle-East, Kaspersky Lab reports, exploiting previously-unseen loopholes and capable of stealing data from banks including Citibank, PayPal and Bank of Beirut. Somewhat bizarrely – and still unexplained – it also installs a special font on the victim’s machine.
The purpose of that font, called Palida Narrow, is currently unknown, though the trojan’s other abilities are more concerning. Gauss can infect USB drives and monitor browsers, sucking passwords, site history and other credentials and sending them to a remote command machine. It also runs a profile on the infected machine and reports that back, including details on network interfaces, BIOS and what drives are present.
Several Lebanese banks have been specifically targeted, with customers of the Bank of Beirut, EBLF, BlomBank, ByblosBank, FransaBank and Credit Libanais all apparently susceptible. Gauss has also been seen to target users of Citibank and PayPal.
While it shares features with Stuxnet and Flame, Gauss is said to be more complex in how it can hide on a system. Although it uses similar methods to infect removable drives, it’s also capable of “disinfecting” the drive if need be, at other times using it to store data in a hidden file so that it is not discovered by regular local-drive anti-malware scans.
"Conservatives want people not to even have to think about government. It's kind of like an
operating system in a computer. You just want it to work. Liberals want to run the operating
system, and they want to use the OS against you, or their political enemies."
-Rush Limbaugh
DrPostman BsD
(This post was last modified: 08-10-2012 07:13 AM by Ðґℙ☺ṧ⊥мαη.)
Skippy It's a pickle... User ID: 111122 08-09-2012 07:12 PM
Posts: 12,387
Rager lop guest User ID: 113404 08-09-2012 07:14 PM
RE: Gauss malware eats banking details: Flame just got hotter
LoP Guest lop guest User ID: 112985 08-09-2012 07:18 PM
RE: Gauss malware eats banking details: Flame just got hotter
Intelligence services are getting frisky with their surveillance crap...
SoSayWeAll Banned User ID: 53411 08-09-2012 07:32 PM
Posts: 7,267
RE: Gauss malware eats banking details: Flame just got hotter
Skippy Wrote:Published in 1992:
![[Image: A784_5023EF46.jpg]](http://imgupld.lunaticoutpost.com/graphic/images/2012/August/09/A784_5023EF46.jpg)
And thusly would be one good way to begin the erasure of all record of a previous cycle of history, as yet another begins.
Within a couple generations, all memory of our earlier development will be eradicated, leaving us once again nothing more than a motley collection of starving ignorant goat herders, at the complete mercy of whoever appoints themselves our masters.
How many times have we been subjected to this since we've been here?
Ðґℙ☺ṧ⊥мαη Disgruntled but unarmed User ID: 111522 08-09-2012 07:36 PM
Posts: 11,786
RE: Gauss malware eats banking details: Flame just got hotter
LOPster Jesus A regular dude, sorry I ain't no messiah User ID: 80419 08-09-2012 07:37 PM
Posts: 8,250
RE: Gauss malware eats banking details: Flame just got hotter
Very interesting. Man this sucks, when people used to call me for virus repair, 90% of the time I could easily reassure them it was no big deal because they mostly just pop up annoying ads and redirect your browser. Now they might actually have to be concerned. Hell I might actually be concerned. Just one more reason to find a good Linux distro that is simple enough to learn yet solid enough to not be susceptible to this crap.
I wonder if anyone has actually analyzed the font set character map. I bet there are some special characters or code bits in that font set that help the virus exploit loopholes. They don't just include stuff in viruses for the fun of it, I betchya that font has a specific purpose. Very interesting stuff!
Be yourself. Find Yourself. Find Peace. Find God. Be in joy. Share your joy. Spread it joyfully!
Ðґℙ☺ṧ⊥мαη Disgruntled but unarmed User ID: 111522 08-09-2012 07:40 PM
Posts: 11,786
RE: Gauss malware eats banking details: Flame just got hotter
kettlnaut Wrote:I wonder if anyone has actually analyzed the font set character map. I bet there are some special characters or code bits in that font set that help the virus exploit loopholes. They don't just include stuff in viruses for the fun of it, I betchya that font has a specific purpose. Very interesting stuff!
It's the addition of a font that has me fascinated with this. I'd love to
see what that's about. It might just be a false lead to keep the virus
hunters chasing their tails though.
Askakido Registered User User ID: 39691 08-09-2012 08:04 PM
Posts: 1,950
RE: Gauss malware eats banking details: Flame just got hotter
LoP Guest Wrote:Intelligence services are getting frisky with their surveillance crap...
and being used by the Conning Bankers to help hide their actions behind a flash flood of erased, altered banking data.. so that like the JFK killers no one will ever know what was real or way is conspiracy theory flood waters.
Muddy the waters people that is how it is done if you want to achieve in doing criminal things.
Last time they used air planes and falling down buildings to accomplish this task, now with so much cyberspace espionage it's just so easy now to not have to go through all that physical damage to hide the thefts.
(This post was last modified: 08-09-2012 08:05 PM by Askakido.)
Askakido Registered User User ID: 39691 08-09-2012 08:09 PM
Posts: 1,950
RE: Gauss malware eats banking details: Flame just got hotter
SoSayWeAll Wrote:Skippy Wrote:Published in 1992:
![[Image: A784_5023EF46.jpg]](http://imgupld.lunaticoutpost.com/graphic/images/2012/August/09/A784_5023EF46.jpg)
And thusly would be one good way to begin the erasure of all record of a previous cycle of history, as yet another begins.
Within a couple generations, all memory of our earlier development will be eradicated, leaving us once again nothing more than a motley collection of starving ignorant goat herders, at the complete mercy of whoever appoints themselves our masters.
How many times have we been subjected to this since we've been here?
Well, not quite... not until all the moldering books are burned or fall to dust or people forget how to read.
Think the human race has ever been at that point in the past? I think so, several times.
EMP and all that electronic data is vaporware, back to be electron pixie dust.
MountainTux NLI lop guest User ID: 57866 08-09-2012 08:15 PM
RE: Gauss malware eats banking details: Flame just got hotter
Interesting.
The ONLY reason I can come up with at first blush to install a font is if the virus is designed at some point to pop a custom message. Some of the earlier rogue antivirus style infections did the same thing. Which was in fact extremely convenient, as there was a positive hallmark of infection that could be found in under ten seconds, meaning I could clear the infection on a customer machine in under two minutes.
It seems odd, however, that something of the apparent complexity of Gauss should have such a glaring flaw... that's a really amateur mistake. So... is it actually a mistake? Hmm, curiouser and curiouser...
SoSayWeAll Banned User ID: 53411 08-09-2012 08:19 PM
Posts: 7,267
RE: Gauss malware eats banking details: Flame just got hotter
Askakido Wrote:SoSayWeAll Wrote:Skippy Wrote:Published in 1992:
![[Image: A784_5023EF46.jpg]](http://imgupld.lunaticoutpost.com/graphic/images/2012/August/09/A784_5023EF46.jpg)
And thusly would be one good way to begin the erasure of all record of a previous cycle of history, as yet another begins.
Within a couple generations, all memory of our earlier development will be eradicated, leaving us once again nothing more than a motley collection of starving ignorant goat herders, at the complete mercy of whoever appoints themselves our masters.
How many times have we been subjected to this since we've been here?
Well, not quite... not until all the moldering books are burned or fall to dust or people forget how to read.
Think the human race has ever been at that point in the past? I think so, several times.
EMP and all that electronic data is vaporware, back to be electron pixie dust.
The burning of the library at Alexandria...
Ring any bells?
Skippy It's a pickle... User ID: 111122 08-09-2012 08:28 PM
Posts: 12,387
RE: Gauss malware eats banking details: Flame just got hotter
SoSayWeAll Wrote:Askakido Wrote:SoSayWeAll Wrote:And thusly would be one good way to begin the erasure of all record of a previous cycle of history, as yet another begins.
Within a couple generations, all memory of our earlier development will be eradicated, leaving us once again nothing more than a motley collection of starving ignorant goat herders, at the complete mercy of whoever appoints themselves our masters.
How many times have we been subjected to this since we've been here?
Well, not quite... not until all the moldering books are burned or fall to dust or people forget how to read.
Think the human race has ever been at that point in the past? I think so, several times.
EMP and all that electronic data is vaporware, back to be electron pixie dust.
The burning of the library at Alexandria...
Ring any bells?
Very true thoughts... If you decode the book text, to "winter, 2012" and also 2012 being a significant Olympic year, it makes you wonder...
December 21st, right?...
http://www.youtube.com/watch?v=gQFzLO--2R0 <== The Cause
Flat Stoppin' Threads Since '50 User ID: 110393 08-09-2012 08:31 PM
Posts: 1,070
RE: Gauss malware eats banking details: Flame just got hotter
Someone make a virus that infects my computer and deletes everything that I didn't put there. Make it do this constantly. Make it smart enough to eat this new virus. Call it Cookie Monster.
Jedi programmers, we need you.
Who makes a virus anyway? Maybe when I was twelve...
Flat Stoppin' Threads Since '50 User ID: 110393 08-09-2012 08:32 PM
Posts: 1,070
RE: Gauss malware eats banking details: Flame just got hotter
Askakido Wrote:Well, not quite... not until all the moldering books are burned or fall to dust or people forget how to read.
Think the human race has ever been at that point in the past? I think so, several times.
EMP and all that electronic data is vaporware, back to be electron pixie dust.