Bitdefender releases tool for removing Gauss financial malware

Bitdefender releases tool for removing Gauss financial malware

Summary: Multiple security firms are now offering clean-up tools that target the password- and cookie-stealing malware, and both Kaspersky and Bitdefender reckon it's another state-sponsored security issue

TOPICS: Security, Malware

The security firm Bitdefender has released a clean-up tool for those who think their PCs might be infected with the Gauss malware.

Gauss, which was outed by Kaspersky last week, is financial espionage malware that bears some resemblance to the Flame trojan, discovered back in May. Gauss can steal login credentials and cookies, and targets e-banking, social network and email accounts.

Like Kaspersky, Bitdefender is of the opinion that Gauss is a "state-sponsored cyber-weapon", of the same ilk as Flame and Stuxnet.

"This prompts us about the fact that cyber-warfare is moving into the financial sector: tracing the origins and destination of money, and who is funding what operations," Bitdefender chief security researcher Catalin Cosoi said in a statement.

Stuxnet is widely believed to have been created by the US and Israel. Two years ago it was used to sabotage Iranian nuclear facilities.

Gauss has so far been used to steal data from Lebanese banks such as the Bank of Beirut and Credit Libanais, although Citibank and PayPal customers have also been targeted.

The malware has one particularly curious characteristic: it appears to install a modified font called Palida Narrow onto victims' computers. This makes the job of removal tools from Bitdefender and Kaspersky somewhat easier, as they can look for the telltale font.

Topics: Security, Malware

David Meyer

About David Meyer

David Meyer is a freelance technology journalist. He fell into journalism when he realised his musical career wouldn't pay the bills. David's main focus is on communications, as well as internet technologies, regulation and mobile devices.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to start the discussion