New Gauss Malware, Descended From Flame and Stuxnet, Found On Thousands of PCs in Middle East

A new piece of malware dubbed Gauss, which experts say is a direct descendant of Flame and also related to Stuxnet and Duqu, has been found on thousands of PCs in the Middle East, mostly in Lebanon. Gauss contains some of the same code as Flame but is markedly different in a number of respects, specifically in its ability to steal online banking credentials and in its encrypted payload, which experts haven’t yet been able to crack. Researchers say that Gauss is almost certainly the work of the same team that wrote the Flame malware, which they speculate is a state-sponsored group.

Nepalese Government Sites Hacked, Serving Zegost Malware

Researchers have uncovered another in an ongoing series of targeted attacks against government agencies and activists, this time an attack that compromised a pair of Nepalese government web sites with code that exploits a Java vulnerability to install a backdoor on visitors’ machines.


Do not envy the life of a Web app. It’s a brutal, public existence filled with attacks from all sides. In fact, a new report by Imperva sheds some light on this sad life, showing that a typical Web app is attacked once every three days and some are targeted as many as 2,700 times in a given year.

One of the more pernicious and as-yet incurable diseases in security is the resistance to sharing data. Organizations large and small collect all sorts of information on attacks, vulnerabilities and threats and, for the most part, it simply sits in databases and is never of any use to anyone outside of the organization. But there’s an effort underway at the Georgia Tech Research Institute to change that through the use of a new information-gathering and analysis system called Titan.

Android devices have remained a constant target of attacks over the last quarter thanks in part to new variants from the FakeInst and OpFake families of malware. According to the latest version of the F-Secure Mobile Threat Report, the firm found 5033 malicious Android application packages (APKs), a 64 percent increase over the 3063 the firm identified in the first quarter of 2012.

One of the men authorities allege to have been behind the massive, and now dead, Mariposa botnet has gone on trial in Slovenia, more than two years after the initial arrests and takedown of the network.

Researchers have found several samples of a new version of the mobile variant of the Zeus malware, with the newest ones targeting the BlackBerry platform. BlackBerry has not been a common target for attackers, despite the high-value user base of corporate executives and government officials, but that may be changing now with this new version of Zitmo targeting RIM’s devices.