Computer server room.
Computer server room. Photo by AP
Text size

The Kaspersky internet security firm announced on Thursday that it has detected of a new kind of computer virus that has been targeting computers in Lebanon, Israel, and the Palestinian Authority.

According to the firm, the new virus, called Gauss, was designed as a spy tool, and that it was programmed using the platform of another computer virus, Flames, which was exposed earlier this year.

In the past, Kaspersky officials have determined that there was a clear link between Flame, Stuxnet – the computer worm reportedly used to target Iran's nuclear facilities – and another virus by the name of Doqu.

What this means, is that Gauss could be another in a chain of cyber assault tools developed by a single country, or by a many countries.

According to the security firm, Gauss injects code into different internet browsers in order to track the users' activities and steal passwords, "cookie" files, and browser history. In addition, it also collects information on the computer's network connections and attached devices, which he sends to the virus' control servers.

Kaspersky indicated that Gauss was developed in 2011-2012, and was actively distributed throughout the Middle East in the last ten months. Most of the infected computers were in Lebanon (1,660), with Israel a distant second, housing 483 computers with the virus.

In addition, 261 infected computers were also found in the Palestinian Authority, along with a handful of computers in Egypt, Qatar, Syria, Jordan, and Saudi Arabia, as well as 43 in the United States and five in Germany.

The virus reportedly injured Microsoft operation systems, from Windows 7 to Windows XP.

Last month, the Iranian Students' News Agency quoted an unnamed cyber security official as saying that the United States will face a "teeth-breaking" response if it continues to carry out cyber attacks against Iran.

Iran has previously accused the United States and its allies of trying to sabotage its disputed nuclear program by using computer worms like Stuxnet, which caused centrifuges at the country's main enrichment facility to fail in 2010.

In June, Iran said it had detected plans by the United States, Israel and Britain to launch what it said was a massive cyber strike, after diplomatic efforts to curb Tehran's nuclear program broke down.

Western powers believe Iran wants to produce atomic bombs, a charge Tehran denies. It says it only wants the technology to generate medical isotopes to treat cancer patients.