madison

Zero Day

Ryan Naraine and Dancho Danchev
Home / News & Blogs / Zero Day

ZeuS crimeware variant targets Symbian and BlackBerry users

By | February 22, 2011, 5:36am PST

Summary: A ZeuS crimeware variant known as ZeuS Mitmo, has began targeting the two-factor authentication solution offered by the Polish ING bank.

A ZeuS crimeware variant known as ZeuS Mitmo, has began targeting the two-factor authentication solution offered by the Polish ING bank.

UPDATE: Devices running Windows Mobile are also targeted.

The variant, currently targeting Symbian and BlackBerry users works as follows. Upon successful infection, the crimeware injects a legitimately looking field into the web page. The aim is to trick end users into giving out their mTANs, which stands for mobile transaction authentication numbers. Now that the gang has obtained access to their cell phone number, including the type of the device, a SMS is sent back to the victim with a link to a mobile application targeting either Symbian or BlackBerry devices.

See also:

According to the security researcher Piotr Konieczny, the reason why Apple’s iPhone was excluded is due to the fact that Apple has more control over the Apple Store, compared to Symbian or RIM (Research in Motion).

These relatively sophisticated attempts on behalf of cybercriminals, wouldn’t be possible to execute if the user didn’t get infected in the first place.

As always, users are advised to use least privilege accounts, browse the web in isolated environment, and ensure their hosts are free of outdated 3rd party software, browser plugins or OS-specific flaws.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Topics

Security, Crimeware, Malaware, Mobile, Variant, Mobile Device, Wireless And Mobility, Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Disclosure

Dancho Danchev

More details on Dancho Danchev's current and past professional affiliations, can be found in his LinkedIn profile.

Biography

Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community on a daily basis. More details on Dancho Danchev's current and past professional affiliations, can be found in his LinkedIn profile. You can also follow him on Twitter

Talkback Most Recent of 5 Talkback(s)

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
Click Here

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources