Bitdefender releases tool for removing Gauss financial malware

Multiple security firms are now offering clean-up tools that target the password- and cookie-stealing malware, and both Kaspersky and Bitdefender reckon it's another state-sponsored security issue

The security firm Bitdefender has released a clean-up tool for those who think their PCs might be infected with the Gauss malware.

Gauss, which was outed by Kaspersky last week, is financial espionage malware that bears some resemblance to the Flame trojan, discovered back in May. Gauss can steal login credentials and cookies, and targets e-banking, social network and email accounts.

Like Kaspersky, Bitdefender is of the opinion that Gauss is a "state-sponsored cyber-weapon", of the same ilk as Flame and Stuxnet.

"This prompts us about the fact that cyber-warfare is moving into the financial sector: tracing the origins and destination of money, and who is funding what operations," Bitdefender chief security researcher Catalin Cosoi said in a statement.

Stuxnet is widely believed to have been created by the US and Israel. Two years ago it was  used to sabotage Iranian nuclear facilities .

Gauss has so far been used to steal data from Lebanese banks such as the Bank of Beirut and Credit Libanais, although Citibank and PayPal customers have also been targeted.

The malware has one particularly curious characteristic: it appears to install a modified font called Palida Narrow onto victims' computers. This makes the job of removal tools from Bitdefender and Kaspersky somewhat easier, as they can look for the telltale font.


You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All