by Constantine von Hoffman

Cybersecurity News Roundup: Blizzard Breach; Gauss Malware; and Stolen Police Spyware

Aug 10, 20123 mins

This week's IT security news roundup features stories on an online video-game service that was hacked; the newly discovered Gauss malware; spyware designed for use by law enforcement showing up where it shouldn't; and more.

World of Hackcraft: Blizzard Users’ Info Stolen
: Video-game publisher Blizzard, maker of Diablo III, World of Warcraft and other popular games, told North American players to immediately change their passwords after the company’s security team this week discovered that its internal network had been illegally accessed. No details are available on the number of accounts compromised but it may be very large. Attackers accessed the email addresses of users of the gaming portal outside of China, along with personal security questions and other information related to mobile and dial-in authenticators. They also took encrypted versions of passwords for players on North American servers, including users from Latin America, Australia, New Zealand and Southeast Asia.

“This week, our security team found an unauthorized and illegal access into our internal network here at Blizzard. We quickly took steps to close off this access and began working with law enforcement and security experts to investigate what happened,” said Blizzard president and co-founder Mike Morhaime in an “important security update” posted late Thursday.

Gauss Malware Sparked by Flame, Infects Thousands of PCs in Middle East: A newly identified piece of malware is a direct descendant of Flame, experts say, and it has been found on thousands of PCs in the Middle East. The program, named Gauss, has some of the same code as Flame, but it is different in a number of ways. Most notably: Gauss can steal online banking credentials, and it has an encrypted payload that experts haven’t been able to crack. Researchers say Gauss is almost certainly the work of the same team that created the Flame malware, which is thought to be is a U.S., state-sponsored group.

Crooks Thought to Have Stolen FinFisher Police Spyware: FinFisher, a spyware tool sold to law enforcement agencies, was detected in countries where it should never have been available, suggesting it may already have been commandeered by cyber criminals. Researchers at Rapid7 identified the IP addresses of a handful of command and control (C&C) servers using FinFisher, which was developed by Gamma Group. The researches say they analyzed characteristics that let them identify communications between FinFisher and C&C servers. They then tracked the spyware and found 12 C&C servers in the United States, Indonesia, Australia, Qatar, Ethiopia, Czech Republic, Estonia, Mongolia, Latvia and Dubai. Last month, Bloomberg reported on Gamma Group claims that copies of its software found in Bahrain must have been stolen. 

New Malware Targets BlackBerry, Really: Good news for BlackBerry: Someone still thinks Research In Motion (RIM) devices are worth hacking! Kaspersky Lab found a new version of the infamous Zeus banking Trojan that targets BlackBerry devices. On Tuesday the researchers said they found several new samples of the Zitmo (Zeus in the mobile), some of which target the BlackBerry platform. This variant has reportedly been operating for at least two years. The Trojan masquerades as a banking security application or security add-on.