Another link found between Gauss and Flame malware

posted onAugust 24, 2012
by l33tdawg
http://www.flickr.com/photos/calliope/57501838/
Credit: http://www.flickr.com/photos/calliope/57501838/

The hackers behind the Gauss cyber-espionage malware targeting banks in the Middle East are directing infected computers to connect to command-and-control servers used by the Flame spyware, researchers said today.

This is the latest sign that the same people behind Gauss also played a part in the creation of Flame, which is linked to Stuxnet and its simpler cousin Duqu. Stuxnet, which appears to have been designed to sabotage Iran's nuclear program, was the first real cyberweapon targeting critical infrastructure systems. The U.S., with help from Israel and possibly others, is believed to have been behind Stuxnet and Flame, to thwart Iran's nuclear program and preempt a military strike, according to several reports.

"Gauss bot masters have directed their zombies to connect to the Flame/SkyWiper CnC to take commands," a post on the FireEye Malware Intelligence Lab says. "Previously Kaspersky found intriguing code similarities between Gauss and Flame, but this shift in its CnC confirms that the guys behind Gauss and Flame/SkyWiper are the same."

Source

Tags

Viruses & Malware

You May Also Like

Other Articles In This Section

Recent News

Friday, May 10th

Boeing Confirms Lockbit Hackers Wanted $200 Million Ransom After 2023 Hack
Dell discloses data breach of customers’ physical addresses
Poland says it was targeted by Russian military intelligence hackers
Leaked FBI email stresses need for warrantless surveillance of Americans
Stack Overflow users sabotage their posts after OpenAI deal
Fedora Asahi Remix 40 is another big step forward for Linux on Apple Silicon Macs
6 Practical Tips for Using Anthropic's Claude Chatbot

Thursday, May 9th

OpenAI Is ‘Exploring’ How to Responsibly Generate AI Porn
Dell responds to return-to-office resistance with VPN, badge tracking
Hands-on with the new iPad Pros and Airs: A surprisingly refreshing refresh

Wednesday, May 8th

Chinese Hackers Deployed Backdoor Quintet to Down MITRE
Apple announces M4 with more CPU cores and AI focus
Boeing says workers skipped required tests on 787 but recorded work as completed
Ransomware mastermind LockBitSupp has been ID’d
OpenAI’s flawed plan to flag deepfakes ahead of 2024 elections

Tuesday, May 7th

Indian police adopt facial recognition despite risk of massive data breaches
Cybersecurity Workforce Sustainability Has a Problem
New Cuckoo macOS malware can take over all Macs and steals your passwords too
Apple’s iPhone Spyware Problem Is Getting Worse
Tesla announces fourth round of layoffs in four weeks
New Microsoft AI model may challenge GPT-4 and Google Gemini
Novel attack against virtually all VPN apps neuters their entire purpose
Hackers discover how to reprogram NES Tetris from within the game

Monday, May 6th

NASA hasn’t landed on the Moon in decades—China just sent its third in six years
Counterfeit Cisco gear ended up in US military bases, used in combat operations
Microsoft plans to lock down Windows DNS like never before. Here’s how.
These dangerous scammers don’t even bother to hide their crimes

Friday, May 3rd

Iranian state-backed cyber spies continue to impersonate media brands, think tanks
Malware attacks on Docker Hub spread millions of malicious repositories
Want to Buy a Decommissioned Supercomputer? Here’s Your Chance
Maximum-severity GitLab flaw allowing account hijacking under active exploitation
Would You Still Use Google if It Didn't Pay Apple $20 Billion to Get on Your iPhone?

Thursday, May 2nd

Nvidia's flagship gaming GPU can crack complex passwords in under an hour
The US Government Is Asking Big Tech to Promise Better Cybersecurity
Email reveals Microsoft's rushed decision to invest in OpenAI