Mobile  |  About us  |  Photos  |  Videos  |  Subscriptions  |  RSS Feeds  |  Today's Paper  |  Classifieds  |  Contact Us
The Daily Star
THURSDAY, 24 APR 2014
09:13 AM Beirut time
Weather    
Beirut
17 °C
Blom Index
BLOM
1,214.01down
Lebanon
Follow this story Print RSS Feed ePaper share this
Spy virus targeting Lebanese bank customers: security firm
Reuters
Byblos Bank headquarters in Beirut, Lebanon. (The Daily Star)
Byblos Bank headquarters in Beirut, Lebanon. (The Daily Star)
A+ A-

BEIRUT/BOSTON: A new cyber surveillance virus is apparently targeting Lebanese and Arab bank accounts as well as email and social networking activity, according to leading computer security firm Kaspersky Lab.

Dubbed Gauss, the virus may also be capable of attacking critical infrastructure and was built in the same laboratories as Stuxnet, the computer worm widely believed to have been used by the United States and Israel to attack Iran’s nuclear program, Kaspersky Lab said Thursday.

Analysis of Gauss shows it was designed to steal data from several Lebanese banks including the Bank of Beirut, EBLF, BLOM Bank, Byblos Bank, Fransabank and Credit Libanais. In addition, it targets users of Citibank and PayPal.

The virus is apparently aimed at uncovering any suspicious financial transactions, perhaps to try to determine whether Hezbollah is using these banks to launder money.

The highest number of infections has been recorded in Lebanon, with more than 1,600 computers affected.

A banker told The Daily Star Lebanese banks always upgrade their computer and security system to protect transactions and customers account.

“Let them search as much as they want. They will find out sooner or later that Lebanese banks are clean and are not involved in any money laundering,” the banker said on condition of anonymity.

Lebanese banks have long brushed off accusations that they are involved in money laundering, stressing that they fully comply with strict banking regulations that require careful supervision of accounts.

Lebanon is one of the few countries in the world with banking secrecy, and Central Bank Governor Riad Salameh has said on many occasions that he will continue to uphold this secrecy.

Another leading banker told The Daily Star that the Association of Banks in Lebanon has held many meetings to discuss financial matters, but the issue of a virus targeting lenders or bank customers was never raised.

“This is the first time I hear about such a virus. I can’t say anything at moment because we have no information of such a virus,” the banker said

He added that it was too early to talk about countermeasures.

The Gauss code contains direct commands to intercept data required to work with Lebanese banks.

Kaspersky Lab said it found Gauss had infected 1,660 computers in Lebanon, 483 in Israel and 261 in the Palestinian Territories. It declined to speculate on who was behind the virus but said it was related to Stuxnet and two other cyber espionage tools, Flame and Duqu.

“After looking at Stuxnet, Duqu and Flame, we can say with a high degree of certainty that Gauss comes from the same ‘factory’ or ‘factories,’” Kaspersky Lab said in a posting on its website. “All these attack toolkits represent the high end of nation-state-sponsored cyber-espionage and cyber war operations.”

Kaspersky Lab’s findings are likely to fuel a growing international debate over the development and use of cyber weapons. Those discussions were stirred up by the discovery of Flame in May by Kaspersky and others. Washington has declined comment on whether it was behind Stuxnet.

According to Kaspersky Lab, Gauss can steal Internet browser passwords and other data, send information about system configurations, steal credentials for accessing banking systems in the Middle East, and hijack login information for social networking sites, email and instant messaging accounts.

Modules in the Gauss virus have internal names that Kaspersky Lab researchers believe were chosen to pay homage to famous mathematicians and philosophers, including Johann Carl Friedrich Gauss, Kurt Godel and Joseph-Louis Lagrange.

Kaspersky Lab said it called the virus Gauss because that was the name of the most important module, which implements its data-stealing capabilities.

 
A version of this article appeared in the print edition of The Daily Star on August 10, 2012, on page 1.
Home Lebanon
 
     
 
Lebanon / Economics
Advertisement
Comments  

Your feedback is important to us!

We invite all our readers to share with us their views and comments about this article.

Disclaimer: Comments submitted by third parties on this site are the sole responsibility of the individual(s) whose content is submitted. The Daily Star accepts no responsibility for the content of comment(s), including, without limitation, any error, omission or inaccuracy therein. Please note that your email address will NOT appear on the site.

comments powered by Disqus
Advertisement


Baabda 2014
Advertisement
Follow us on Facebook Follow us on Twitter Follow us on Linked In Follow us on Google+ Subscribe to our Live Feed
Multimedia
Images  
Pictures of the day
A selection of images from around the world- Wednesday, April 23, 2014
View all view all
Advertisement
Rami G. Khouri
Rami G. Khouri
Israel shows Zionism’s true colors
Michael Young
Michael Young
For Christians, blessed are the dividers
David Ignatius
David Ignatius
An Iran deal is close, but we’re not there yet
View all view all
Advertisement
cartoon
 
Click to View Articles
 
 
News
Business
Opinion
Sports
Culture
Technology
Entertainment
Privacy Policy | Anti-Spamming Policy | Disclaimer | Copyright Notice
© 2014 The Daily Star - All Rights Reserved - Designed and Developed By IDS