The latest news in malware has been the recent Kaspersky Labs discovery of the sophisticated attack toolkits named Gauss. Headlines also include reports of the Zegost RAT being served by compromised Nepalese government websites. However, the majority of the malware samples received the last couple of weeks have been related to the Blackhole Exploit Kit.

The Solutionary SERT research team has been tracking this issue for some time and our public reports up to this point have been relatively high-level. If what we’ve observed over the past few weeks is any indicator, Blackhole will not be going away any time soon, and it... read more >

Gauss has received significant media attention in the past week. Many have already begun to draw their own comparisons to Flame, as well as attempt to trace the genealogical descent to identify the family ties to Stuxnet and Duqu. Unlike the previous sophisticated attack toolkits, which have been called cyber-espionage toolkits, Gauss was designed to steal system-related information and gather banking, social networking, email and instant messaging (IM) credentials. While researchers have claimed this to be the latest in a series of possible state-sponsored attacks, theft of financial information is the unusual twist in this latest toolkit.

Enough information has been published about Flame and similarities to Stuxnet and Duqu so there is no need to rehash it all in this post. What we will look at are the similarities that Gauss has with Flame and even propose Gauss was written by the same people as Flame just as other researchers have done.

Flame was... read more >