Zeus banking Trojans Hits Android Devices




Zitmo Trojan Spyware app which is designed to hack people’s financial data. This application targets devices which are runs on Android operating system.

A senior antivirus analyst and researcher for Fortinet Axelle Apvrille said that “The malware posses as a banking activation application” into a blog post. This listens to all incoming messages and forwards them into the web server.

There is security issue for all those banks who send mTANs-mobile transaction authentication numbers for sending one-time password as a SMS for authentication. Zeus-botnet-using criminal gang which not only fraudulent money transfers them also verified the transactions by intercepting password.

Zitmo is not a new Android variant it used by the ZeuS gang to defeat SMS based banking into two factors authentication on popular mobile operating systems such as BlackBerry, Symbian, Windows, and more.

Truteer CEO Mickey Boodaei said that this attacks on malicious smartphone application often gets pushed by malware after it was infected a PC until visit a banking websites. At this point the infected malware kicks and asks users to download a security or authentication options on their mobile devices during login process.

FFIEC (Federal Financial Institutions Examinations Council) recommended that banks have considered about the out-of-bound authentication such as mTANs blocking malware attacks against their customers.  However banks follow the guide lines of FFIEC but attackers find new techniques for defeating the securities.

Boodaei said that the current threat from smartphones it seeking malwares relatively smalls because this time few users banking operations on their mobile phones. Android Security Architecture also not able to stop this attacks they have to beware while mobile banking will not going to take off. These attacks can be taking place via social engineering attack which installing third party apps.

Not only Android OS at the risk, some other devices also at risks including iPad, iPhone, and other iOS devices which install malicious apps.

0 comments:

Post a Comment

 
Copyright © Android-Here