Monday, September 27, 2010

ZeuS Mitmo: Man-in-the-Mobile (Part 1)

All of you who follow this blog already know that we've been tracking ZeuS for many years. We have seen many improvements in its features (injection, JavaScript, Jabber, VNC, etc.), but recently there have been some new additions that can be the next big milestone: the mobile world.

The reason is pretty obvious: many companies (not only financial institutions) are using SMS as a second authentication vector, so having both the online username and password is not enough in the identity theft process. There are some social engineering techniques in the wild that try to handle this issue by luring the user; the user thinks that he is doing a specific operation, but in fact he is doing another, forged one (man-in-the-browser, JabberZeus, etc.).


According to this report from today (9/27/2010), only one AV engine detects the malware.

Looks like F-Secure just added this detection today as well.

My gut would tell me that the detection rate might be skewed due to the lack of mobile AV by many of the vendors.

