by Constantine von Hoffman

Cybersecurity News Roundup: US, Israel Spark Flame Malware; Trojans Make Invisible Bank Transfers; and More

Jun 22, 20122 mins

This week's IT security news roundup has stories on the United States and Israel's role in the creation of the Flame malware; a new Trojan that steals money from bank accounts without detection; Android Malware posing as a security app; Google malware statistsics; and more.

U.S., Israel Identified as Sparks Behind Flame
: A Washington Post report citing unnamed sources says Israel and the United States are the creators of the highly sophisticated Flame malware that’s targeting Iranian computer systems. The malware is reportedly an effort of the National Security Agency, the CIA and Israel’s military. Flame has used destructive software such as the Stuxnet virus to cause malfunctions in Iran’s nuclear-enrichment equipment.

New Bank Trojans Make Invisible Transfers: Trend Micro says cybercriminals are using a Trojan tool that steals from compromised accounts and hides the transactions to make them invisible to account holders. Typical man-in-the-middle bank Trojan attacks–including Zeus and SpyEye–request bank credentials by splashing bogus credential screens at users. Trend Micro says the new Automatic Transfer System it identified hides even this activity from users.

Fake Android Security App is Zeus Malware: A series of malicious Android applications are masquerading as premium security apps. The fake security apps started showing up in early June, and they’re called “Android Security Suite Premium.” The apps appear to steal incoming SMS messages and send them off to one of the attacker’s command-and-control servers. Those incoming messages could contain sensitive data such as password-reset links or other information.

Google Finds 9,500 New Malicious Websites Every Day: Google released a slew of stats on its anti-malware work.

  • Google finds about 9,500 new malicious websites per day. The sites are either compromised by hackers or built specifically to distribute malware or launch phishing attempts.
  • Roughly 600 million Chrome, Firefox, and Safari users see millions of warnings per day about malware and phishing on sites the users are about to visit.
  • Between 12 million and 14 million Google Search queries per day display warnings that sites are compromised.
  • Google provides malware warnings on about 300,000 downloads per day through Chrome’s download-protection service.