The infamous Zeus banking Trojan has developed a new technique designed to circumvent a form of two-factor authentication...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
increasingly used by financial institutions: SMS.
Over the weekend, researchers at Sunnyvale, Calif.-based network security provider Fortinet Inc. said they found a new mobile malware component in their ongoing monitoring of the Zeus botnet, which they dubbed Zitmo for "Zeus in the Mobile."
In a blog post, they described how the banking Trojan, after obtaining the phone number and phone model of victims via man-in-the-browser schemes, sends an SMS with a link to a malicious package for the specific phone model.
"This malicious package is still under investigation, but given the context, it is logical to believe it is aimed at defeating SMS-based two-factor authentication that most banks implement today to confirm transfers of funds initiated online by their end users," they said.
Researchers at S21sec, a security firm based in Spain, called the new functionality Zeus Mitmo ("man in the mobile"). In a blog post, they described in detail how the scheme tries to infect a victim's mobile device and sniff SMS messages in order to hijack online bank accounts.