A new cyberweapon that secretly steals bank account information from its victims was exposed on Thursday.
The sophisticated malware, discovered by Internet security company Kaspersky Labs, has been capturing online bank account login credentials from its victims since September 2011. There's no evidence it's been used to steal any money. The virus instead appears to be a spy interested in tracking funds: It collects banking login information, sends it back to a server, and quickly self-destructs.
Dubbed "Gauss," a name taken from some of the unique file names in its code, the malware appears to be a cyber-espionage weapon designed by a country to target and track specific individuals. It's not known yet who created it, but Gauss shares many of the same code and characteristics of other famous state-sponsored cyberweapons, including Stuxnet, Duqu and Flame.
Those viruses are widely believed to have been developed by the U.S. government. But unlike Stuxnet and Flame, which targeted an Iranian nuclear facility and spied on Iran's government officials, Gauss seems to have primarily gone after people in Lebanon.