Tuesday, February 22, 2011

Mobile Zeus Variants Target Windows Mobile, Symbian Phones

Via Threatpost.com -

There are two new versions of the Zeus malware making the rounds right now, both of which target popular mobile phone platforms. One of the variants targets Windows Mobile devices, while the other is going after the Symbian platform, and both are intent on silently stealing data from infected devices.

The new mobile Zeus variants surfaced within the last couple of days and are similar to an older mobile version of the venerable malware. The first Zeus mobile variant appeared in September of last year and aimed to trick users into downloading the malware through a warning about the need for a "certificate update."

[...]

"The new version of the Symbian ZeuS trojan (detected as Trojan-Spy.SymbOS.Zbot.b) is similar to the previous one: same commands and same functionality. The Windows Mobile version of the ZeuS trojan (detected as Trojan-Spy.WinCE.Zbot.a) has the same functionality and even the same commands. For example, both versions will report to the same C&C cell phone number (British) after a successful infection," Denis Maslennikov, a malware researcher at Kaspersky Lab, wrote in an analysis of the new Zeus variants.

Smartphones are now near the top of the list for attackers looking for the path of least resistance to gathering sensitive user or corporate data. Mobile malware has not really emerged as the major threat that has been predicted since roughly 1999, but malicious smartphone apps and other threats have surfaced to take up the slack.

"The first ZeuS in the Mobile attack showed us that cybercriminals continue to extend their activities into new platforms and target new areas (mTANs in this case). The second Zeus in the Mobile attack proved that cybercriminals are still very far away from stopping their activities. The newly targeted platform only confirms this fact."

No comments:

Post a Comment