New Zeus banking Trojan tactic tries to defeat SMS-based authentication

Security researchers say malware has new functionality that targets mobile authentication used by banks.

The infamous Zeus banking Trojan has developed a new technique designed to circumvent a form of two-factor authentication increasingly used by financial institutions: SMS.

Over the weekend, researchers at Sunnyvale, Calif.-based network security provider Fortinet Inc. said they found a new mobile malware component in their ongoing monitoring of the Zeus botnet, which they dubbed Zitmo for "Zeus in the Mobile."

In a blog post, they described how the banking Trojan, after obtaining the phone number and phone model of victims via man-in-the-browser schemes, sends an SMS with a link to a malicious package for the specific phone model.

"This malicious package is still under investigation, but given the context, it is logical to believe it is aimed at defeating SMS-based two-factor authentication that most banks implement today to confirm transfers of funds initiated online by their end users," they said.

Researchers at S21sec, a security firm based in Spain, called the new functionality Zeus Mitmo ("man in the mobile"). In a blog post, they described in detail how the scheme tries to infect a victim's mobile device and sniff SMS messages in order to hijack online bank accounts.

--Marcia Savage
