- BlackBerry Target Of New Wave Of ZitMo Trojan Attacks
  • BlackBerry, Target Of New Wave Of ZitMo Trojan Attacks

    It is not very often that we hear any news concerning security threats regarding BlackBerry. So when new exploits or security breaches are found, it is worth taking note. In the latter half of last year, Kaspersky Lab's security research team published an article with information regarding the ZeuS-in-the-Mobile (ZitMo) Trojan and its ability to mislead users into sending banking information to malicious users.

    The ZitMo Trojan has actually been around for a couple years now and has generally been elusive to those researching vulnerabilities on BlackBerry devices. ZitMo's sole purpose is to steal mobile users mTAN codes; your banks Transaction Authentication Number, and forward it to a malicious user. Banks often use these TAN codes as away to authenticate users to their online banking services.

    The whole attack is finely orchestrated, using the already well known ZeuS PC- based attack to gather user banking information and cell phone number. Kaspersky describes the attack in the following manner:

    1. Cyber criminals use the PC-based ZeuS to steal the data needed to access online banking accounts and client cell phone numbers.
    2. The victim’s mobile phone receives a text message with a request to install an updated security certificate, or some other necessary software. However, the link in the text message will actually lead to the mobile version of ZeuS.
    3. If the victim installs this software and infects the phone, the malicious user can then use the stolen personal data and attempt to make cash transactions from the compromised account, but still needs an mTAN code to authenticate the transaction.
    4. The bank sends out a text message with the mTAN code to the client’s mobile phone.
    5. ZitMo forwards the text message with the mTAN code to the malicious user’s phone.
    6. The malicious user is then able to use the mTAN code to authenticate the transaction.

    A fragment of the certificate .cod file and commands.

    Trojan installation process

    Researchers at Kaspersky Lab's have found 4 new samples of ZitMo on BlackBerry devices that potentially point to a new wave of attacks.

    The samples include 3 .cod files and 1 .jar file with another .cod conveniently placed inside the .jar file. The samples according to Kaspersky have all come from various European countries to include, Spain, Poland, and Germany. The following is a list of counties provided by Kaspersky in which users need to be more aware of ZitMo:

    • Germany +46769436094
    • Spain +46769436073
    • Italy +46769436073
    • Spain +46769436073

    Some Tips

    The best way to help safeguard against this revamped threat is to make sure you have a clean PC. Always make sure that you have the latest antivirus definitions on your computer, and be careful when downloading applications to your computer and mobile device. Only accept text messages from numbers that you are familiar with, or at least have the sender identify themselves. Last but not least, verify the source of your mobile download. Most vendors will have some sort of identification linked to the download. If you're unsure contact them and make sure it's a legit download.
    This article was originally published in forum thread: BlackBerry Target Of New Wave Of ZitMo Trojan Attacks started by ice2921 View original post

    comments powered by Disqus
  • Sponsored Ad

  • Recent Comments

  • Most Commented

    The most commented articles on BlackBerryOS over the past 24 hours.
  • Recent Forum Posts


    Passport and Classic in UK

    Sounds awesome! I'm seriously excited about this device, hoping that functionality (in this format / form-factor) will overcome whimsy and I'll be able

    weirdstuff 08-20-2014, 04:09 PM Go to last post
    Joe Jerde

    Passport and Classic in UK

    That was Chen's focus. Business sector. As long as they can start turning a significant profit, BlackBerry can comeback as a big marketshare player again.

    Joe Jerde 08-20-2014, 03:57 PM Go to last post

    New App: Taken - GPS Photo and Location data

    Application Name: Taken - GPS Photo and Location Data


    Ever wanted to know exactly where the photo

    Smiley88 08-19-2014, 10:13 AM Go to last post

    Passport and Classic in UK

    Hi, went to my local Carphone Warehouse store in UK, to ask about Blackberry Passport and Classic would they be stocking them?,
    was informed that

    merlin29 08-18-2014, 05:40 AM Go to last post

    7 Minute Workout - native app

    The bestselling "7 Minute Workout" app on Smartphone is now available on Appworld.
    Don't have enough time to exercise every day? Try the

    smartaps 08-18-2014, 04:42 AM Go to last post
  • Sponsored Ad