ZeuS Variant Targets Android Smartphones

Anti-virus vendors have detected a variant of the ZeuS Trojan horse program that can infect Android smartphones. The malware in this case is a variant of Zitmo, which stands for “Zeus in the mobile;” it pretends to be an online banking security application called Rapport, which is the name of a legitimate application from Trusteer.

Previous variants of the ZeuS online banking Trojan targeted Symbian, Blackberry and Windows Mobile devices. The Android variant does not require any digital certificates and is injected by manual download of an alleged security extension from Trusteer. Once installed, the Trojan masquerades as an online banking activation app. In the background, it listens to all incoming SMS messages and forwards them to a remote web server. That’s a security risk, as some banks now send, via SMS, mTANs (mobile transaction authentication numbers), which is banking-speak for one-time passwords for authenticating transactions.

Criminals need to persuade users to download and install the app. The application gets pushed by malware after it has infected the user’s PC, but not until the user visits a banking website. The risk is relatively small, as not all banks use mTANs and relatively few people use smartphones for banking transactions.

Read the full story at InformationWeek.com.


About MIT
IT Security Awareness Consultant and Communications Specialist at MIT

Comments are closed.

%d bloggers like this: