“Palida Narrow” Font Shows If You’re Infected with Gauss

An online detection tool has been released by CrySyS

By on August 11th, 2012 10:36 GMT

After the world learned of the existence of Gauss – one of the latest state-sponsored pieces of malware – security solutions providers have rushed to ensure that their products detect any traces of the threat. However, according to experts there’s another method of detecting if you are a victim of the Trojan.

Apparently, Gauss installs a mysterious font called Palida Narrow (True Type) on the infected system. So, the presence of this font indicates the presence of the malware, Kaspersky reports.

Researchers from Hungarian security firm CrySyS have made available an online tool that immediately tells you if you have the font and, implicitly, if you are a victim of the malicious element that has been mainly targeting Lebanon.

Be advised that the online service doesn’t remove the threat, so you still need a decent antivirus solution if the results are positive.

The tool provided by CrySyS is available here.

1 Comment

Palida Narrow font indicates the presence of Gauss
   Palida Narrow font indicates the presence of Gauss