19 May 2011

Sunspot malware possess financial fraud capabilities

Sunspot, a Windows malware platform that has been circulating for some time, now has the capabilities of committing financial fraud, according to a recent report by an internet security company.

The malware currently is targeting North American financial institutions, including devastating infection rates on the level of the SpyEye and Zeus Trojans. According to the report, the company has witnessed increased financial malware flooding the internet during the past 18 months, including the Silon and the OddJob threats.

Sunspot was not originally developed as crime ware, but was apparently reprogrammed for such a task. The malware is also part of a growing trend of payment card theft through the internet, making the cyber criminals more difficult to track, the report stated.

“A layered security approach that combines server-side and client-side zero day attack protection is the most effective way to protect users against crime ware, since anti-virus programs are lagging way behind in their ability to detect these programs,” wrote Amit Klein in a blog post for the security company.

According to an internet security expert, if proper collaboration occurs between IT departments, then up to 90 percent of cloud-based malware identification and information capabilities could be eliminated.