Bank Systems & Technology is part of the Informa Tech Division of Informa PLC


Middle East Cyber Virus Signals a New Level of Malware Sophistication

A Stuxnet-like virus, called Gauss, was discovered two weeks ago in the Middle East spying on banking transactions of Citibank and PayPal customers.

Banks could not have been thrilled by the news earlier this month of the discovery of Gauss, a cyber virus unearthed in the Middle East that surveilled online banking transactions to steal users' credentials. Gauss targeted a number of Lebanese banks as well as Citibank and PayPal. And the Moscow-based lab that uncovered the virus reported an unnerving detail - that it was probably made by the same laboratories that produced the infamous Stuxnet, which attacked Iran's nuclear program a couple of years ago.

The discovery of Gauss is an example of the increasing sophistication of cyber fraud attacks, says Ben Knieff, a fraud expert at NICE Actimize, a risk and security solutions provider. Knieff compared the development of new security measures and countering fraud attacks to an arms race. "We come up with a solution, and then they overcome the barrier," he remarks. A year and a half ago fraudsters started figuring out how to overcome browser-hardening technologies. Then a year ago they learned how to ride in on a customer's session during login to bypass complex device authentication methods. The appearance of sophisticated malware aimed at gathering banking credentials that was possibly developed, like Stuxnet, by a state-sponsored lab signals a new step up in that arms race.

And the arms race is further complicated by the fact that most malware manufacturers tend to make several different "flavors" of the same software, Knieff adds. Each flavor operates differently and may have a different goal.

If there's anything positive to be gleaned from this increasing sophistication of malware attacks, Knieff says it's that attacks on banks' infrastructure seem unlikely. Reuters cited one researcher as saying that one module of Gauss could be used to attack infrastructure systems, much as Stuxnet attacked the systems that controlled Iran's centrifuges. The idea of a Stuxnet-like virus invading a bank's core systems is obviously a nightmare for banks.

But Knieff says banks have been focused for a long time on preventing attacks on their infrastructure, and fraudsters would rather go after the easier target of the customers than the bank itself. "Financial institutions have been focused for years on protecting against this. It's not likely that malware will attack a financial institution directly to get in to their vault," Knieff suggests. Rather than trying to attack the bank's infrastructure, like a robber trying to break into the bank's vault, fraudsters will probably continue targeting customers making online transactions, like mugging someone walking away from the ATM, he says.


Jonathan Camhi has been an associate editor with Bank Systems & Technology since 2012. He previously worked as a freelance journalist in New York City covering politics, health and immigration, and has a master's degree from the City University of New York's Graduate School ...
