Skip to main content

Kaspersky & CrySyS unveil online scan for Gauss malware

Researchers at Kaspersky Lab have teamed up with Hungarian research lab CrySyS for an online tool that detects if your device is infected with Gauss malware.

While Kaspersky said the most reliable way to check for infection is via antivirus software (like Kaspersky Anti-Virus 2012, of course), the website set up by CrySys can also scan your gadget.

To check, navigate to A message will say: "We are now testing your computer for Gauss infection and Palida font installation." When the "test finished" message appears, select the "Click here for results" link.

My computer here was, thankfully, not infected. "Your computer seems to not have Palida fonts installed. Your computer is probably not infected by Gauss malware. Please, however, cross-check with antivirus products!" according to the message received.

CrySyS noted that it is seeing "some strange results" on Android phones, particularly those from HTC. "If you find yourself positive in the test - please check your system, but maybe it is just some strange situation we were not prepared to [handle]," the firm said.

More technical details are available on the CrySyS blog.

If you receive a message indicating that you are infected, Kaspersky offered to help and asked that you email them at:

Kaspersky unveiled the existence of Gauss last week. It's a cyber threat targeting users in the Middle East that is intended to steal personal details, like banking information. According to Kaspersky, Gauss includes characteristics not found in any previously discovered cyber weapons.

Gauss steals detailed information like browser history, cookies, passwords, and system configurations, Kaspersky said, but it can also steal things like credentials for various online banking systems and payment methods.

Specifically, it appears that Gauss was designed to steal data from Lebanese banks like Bank of Beirut, EBLF, BlomBank, ByblosBank, FransaBank and Credit Libanais, as well as Citibank and PayPal.