ZeuS trojan attacks Android

Several AV vendors report that, after targeting Symbian, BlackBerry and Windows Mobile devices, a variant of the ZeuS online banking trojan now also infects Android smartphones and will upload any TANs that arrive via SMS text message to a server. If they have control of victims’ PCs as well as their smartphones, criminals are then able to bypass the mobile TAN system and make fraudulent transactions from their victims’ accounts.

According to Kaspersky, the Android variant of ZeuS-in-the-Mobile (ZitMo) is more simple than the version for Symbian, which appeared in September 2010, and the Windows variant that followed. ZitMo for Android does not require any digital certificates and is injected by manual download of an alleged security extension from a company called Trusteer. Once installed, the trojan masquerades as an online banking activation app.

Read more at H-online

Comments are closed.