ALL >> Computers >> View Article
Android Mobile Operating Systems Hit By Sms Grabbing Malware
Zeus in the Mobile or Zeus Mitmo (Man-in-the-mobile) or ZitMo (Zeus-in-the-Mobile) has struck again. The information stealing Trojan aims at intercepting and extracting the mTAN or mobile transaction authentication number sent by banks to authenticate online banking transactions. The single use transaction number serves the two-factor verification process of banks. In the latest case, security researchers at Sophos and Kaspersky have identified a new version of ZitMo, which targets Android operating systems. The malware disguises itself as legitimate security software from Trusteer or Kaspersky. In the case of the former, ZitMo appears to users as Trusteer Rapport, while in the case of the later the malware appears as Mobile Security 9. When unwary users fall prey to the scam and download the fake application, they inadvertently download malware on their mobile phones. The malware displays icon of the security software, which look similar to that of legitimate security software from Trusteer or Kaspersky.
ZitMo first appeared last year, when cybercriminals Targeted Symbian operating systems in Spain. Earlier this year, ...
... ZitMo hit headlines by targeting customers of ING Bank Poland. Cybercriminals initially download a malware in the computer systems of the individuals. When customers of a bank visit a bank website, they receive a security notification seeking their mobile numbers and type of device. When customers enter the number, they receive a SMS link, which directs to a link for downloading software required for receiving the authentication numbers. However, customers actually download ZitMo malware. The counterfeit security software installs a broadcast receive for intercepting all Short Message Service (SMS) messages. The fake application encodes the extracted messages and sends them to a remote command and control server of Zeus botnets. According to security researchers at Sophos, the malware transmits the messages through HTTP POST requests. Cybercriminals then conduct fraudulent transactions on behalf of the customer. Individuals must acquaint themselves of different mobile and computer security related threats through e-tutorials and online IT courses. They can also keep themselves updated of latest threats by following security blogs of Internet security firms and advisories by Computer Emergency Response Teams.
With the latest variant, ZitMo can now target mobile devices, which use Symbian, Windows Mobile, Blackberry and Android mobile operating systems. However, security researchers have claimed that the functionality of Zitmo for Android differs from those deployed for other operating systems. As such, there is a possibility of further upgrades to the existing version of the malware for Android. Usually, attackers insert malware in computer systems and mobile devices through drive-by-downloads, malvertizing or malicious links in spam e-mails. Professionals may update themselves on latest modus operandi of cybercriminals through security certifications and online IT degree programs.
Regular evaluation of the software products through penetration testing is crucial to identify threats and improving security mechanism of the devices. Increased mobility of employees for official purposes has resulted in greater use of Smartphones and mobile applications. Cybercriminals may devise mechanisms or variants of malware to extract confidential business and personal information. Professionals qualified in IT degree programs may help organizations in understanding different security risks, identify threat vectors and take measures to improve the security practices in the organization.
Add Comment
Computers Articles
1. 00al556 Ibm 550-watts Platinum Power Supply For X3650 M4: Reliable And Energy-efficient Power For Enterprise ServersAuthor: Server Tech Central
2. Iot Identity And Access Management (iam) Market : Driving Secure Innovation In Connected Ecosystems
Author: Umangp
3. Why Should You Plan Blinkit Onboarding Before Market Expansion And How Can Zane Marketing Help You Grow Faster
Author: Zane Marketing
4. Customer Identity And Access Management (ciam) Market : Strengthening Security And Customer Trust
Author: Umangp
5. How To Start Your Website Redesign Project?
Author: brainbell10
6. Sap Compliance In Manufacturing: Closing The Gaps Grc Leaves Behind
Author: Mansoor Alam
7. Speech Analytics Market : Unlocking Actionable Insights From Customer Conversations
Author: Umangp
8. Data Preparation Tools Market: How Ai And Cloud-based Solutions Are Transforming Modern Data Workflows
Author: Umangp
9. How To Setup And Create Instagram Ads?
Author: brainbell10
10. Why Digital Business Cards Are The Future Of Professional Networking
Author: WhyTap
11. End To End Sataware Product Development Is The Process Of Identifying Market Opportunities To Hire Flutter Developer, Connecting User Needs And Requir
Author: brainbell10
12. Dynamics Nav To Business Central Upgrade Guide
Author: brainbell10
13. Data Governance Framework: Building Trust In The Digital Age
Author: Umangp
14. A Complete Guide To Dynamics 365 Warehouse Management
Author: brainbell10
15. Conversational Ai In Intelligent Contact Centers: Market Outlook And Future Growth To 2028
Author: Umangp






