"There are other, less risky, ways of getting financial transactions than going through someone's desktop," Ghosh said, "and this is just not the MO of traditional intelligence."

He said that Gauss could be from a nation-state, "since that's the kind of espionage they do in the Middle East."

But what does that matter once malware like Stuxnet, Flame and Duqu are in the wild, Ghosh said. "It ends up in people's hands. It will get repurposed. I don't think it is beyond the pale to suggest that it has been captured and repurposed for cybercrime and industrial or national security espionage."

Ben Knieff, a fraud expert and director of product marketing at NICE Actimize, said he would not speculate on what the motive of Gauss's creators is. "But I can say that malware like this may be looking at financial information for a variety of reasons," he said.

"It can be for espionage. They want to understand the transactions that a company or individual is making. That can be very valuable information. Money is power, but information is also power," Knieff said.