Android – Banking Trojan Alert!

The Trojan spyware application known as Zitmo, which is designed to steal people’s financial data, has now been altered to target devices running the Android mobile operating system, according to InformationWeek.

“The malware poses as a banking activation application,” says Axelle Apvrille, a senior anti-virus analyst and researcher for Fortinet, in a blog post. “In the background, it listens to all incoming SMS messages and forwards them to a remote Web server.”

That’s a security risk, as some banks now send mTANs – mobile transaction authentication numbers, which is banking-speak for one-time passwords for authenticating transactions – via SMS.

By intercepting these passwords, the Zeus-botnet-using criminal gang behind Zitmo can not only create fraudulent money transfers, but verify them.

The malware disguised itself as the banking security app Rapport, made by Trusteer, says Digital ID News.

Trusteer discovered the spread of the malware in late May and early June and have taken the supporting servers offline.

While mTANs are used mostly by European banks as a second layer of security, the spread of this variant shows that attackers are attempting to break into dual-factor authentication, which could pose problems for other types of mobile banking platforms.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s