Russian computer security company, Kaspersky Lab, issued a statement on Thursday that a new computer virus has been found circulating in the Middle East, specifically targeting the Lebanese banking system.
The existence of such a virus would expand the online framework deployed by the U.S. and Israel against rivaling entities in the region. The virus, dubbed Gauss, was aimed at stealing financial information from customers of a series of Lebanese banks.
Kaspersky said that similarities in coding, structure, and operation meant it could say "with a high degree of certainty" that Gauss was related to Flame, a sophisticated piece of spyware that prompted an Internet blackout across Iran's oil industry in April, and to Stuxnet, an infrastructure-wrecking worm.
Recent reports in The New York Times and The Washington Post have tied both Flame and Stuxnet to a secret U.S.-Israeli program aimed at destabilizing Iran's atomic energy program, which many Western countries believe is a cover for the development of nuclear weapons.
The Russian security company acknowledged that much remained unclear about the virus's capabilities, including its ultimate purpose. Kaspersky said the virus' command-and-control servers were shut down last month, meaning that, for the time being, "the malware is in a dormant state."
Kaspersky outlined several similarities between Gauss and Flame, a program recently-discovered vacuuming information from computers in Iran. So powerful was the spyware that in late April Iranian officials briefly disconnected the entire country's oil industry — including the oil ministry, energy rigs, and the strategic Kharg Island oil terminal — in a bid to contain Flame's data theft.
Flame, in turn, has been linked to Stuxnet, a program aimed at sabotaging uranium enrichment at Iranian nuclear facilities. Stuxnet's discovery in 2010 was of particular interest to cybersecurity professionals because it interfered with the action of German-made centrifuges — one of the most high-profile examples of a computer virus causing physical havoc at an industrial facility.
It is not clear how Gauss would fit in to such a program, and Kaspersky acknowledged that stealing money from banks does not seem like an activity that countries such as Israel and the U.S. are likely to be engaged in.
"People are definitely getting excited about it because of the supposed connection to Flame and Stuxnet," Chris Astacio, of San Diego-based Websense, said in a telephone interview. "But without looking at the binary [the raw code of the virus], we can't really comment."
Kaspersky stated it is working with the International Telecommunication Union to notify those affected by the infection.