Antivirus Protection & Internet Security Software
06 Oct 2011Virus News
Mobile transaction authorization numbers (mTAN) used to be one of the most reliable online banking protection mechanisms. However, with the emergence of a ZeuS Trojan for smartphones – ZeuS-in-the-Mobile, or ZitMo – mTANs can no longer guarantee that valuable user data will not fall into the hands of cybercriminals.
First detected in late September 2010, ZitMo is designed to steal mTAN codes sent by banks in text messages and remains one of the most interesting examples of malware for mobile phones. “First of all, it is cross-platform in nature: we detected versions for Symbian, Windows Mobile, BlackBerry and Android,” explains Denis Maslennikov, Senior Malware Analyst at Kaspersky Lab. “It is a Trojan with a very narrow specialization: its main aim is to forward incoming text messages with mTAN codes to malicious users (or a server, in cases involving ZitMo for Android) so that the latter can execute financial transactions using hacked bank accounts. But perhaps its most distinctive feature is its ‘partnership’ with the classic PC-based ZeuS Trojan. Without the latter, ZitMo is merely spyware capable of forwarding text messages. The ‘teamwork’ between the two components enables cybercriminals to successfully bypass mTAN security measures used in online banking.”
The attacks are generally orchestrated as follows:
Attacks involving ZitMo or malicious programs with similar functionality that are designed to steal mTAN codes or other confidential information will no doubt continue in the future. Therefore users of smartphones should remember some important rules of mobile security: always review the permissions that an application requests at install time; do not root or otherwise 'Jailbreak' your phone; avoid side loading (installing from non-official sources) when you can. If you do install Android software from a source other than the Market, be sure that it is coming from a reputable source. Don’t click the URLs you receive in spam SMS. Run a reputable antivirus on your phone, and keep it up to date. Install any and all security patches as soon as they are available.
For more details on the ZitMo Trojan and how it functions on different mobile platforms, see Denis Maslennikov’s article ‘ZeuS-in-the-Mobile – Facts and Theories’ at: www.securelist.com.
© 1997 – 2016 Kaspersky Lab
All Rights Reserved. Industry-leading Antivirus Software