After the Cyber world learned of the existence of Gauss malware- the most recent cyber-surveillance operation in the Stuxnet, Duqu and Flame saga – security solutions providers have rushed to ensure that their products detect any traces of the threat. However, according to experts there’s another method of detecting if you are a victim of the Trojan.
Apparently, Gauss installs a mysterious font called Palida Narrow (True Type) on the infected system. So, the presence of this font indicates the presence of the malware, Kaspersky reports.Gauss malware
is developed in 2011-2012 along the same lines as the Flame project. The malware has been actively distributed in the Middle East for at least the past 10 months. The largest number of Gauss infections has been recorded in Lebanon, in contrast to Flame, which spread primarily in Iran. more details >>
Researchers from Hungarian security firm CrySyS have made available an online tool that immediately tells you if you have the font and, implicitly, if you are a victim of the malicious element that has been mainly targeting Lebanon.
Be advised that the online service doesn’t remove the threat, so you still need a decent antivirus solution if the results are positive.
You can use free Kaspersky Virus Removal Tool for cleaning the malware.
