Zeus-in-the-mobile variant uses security firm's name to gain victims' trust

Share this article:
Zeus-in-the-mobile variant uses security firm's name to gain victims' trust
Android users are tricked into installing a spurious "security" app.

Zitmo, or Zeus-in-the-mobile, is now using a new ploy to target Android users, researchers found.

On Monday, security firm Trusteer, an IBM company, revealed via a blog post how the company's name was used to gain the trust of victims.

According to Etay Maor, fraud prevention solutions manager at Trusteer, the malware “waits until an infected victim browses to one of the banks in the malware's target list” and enters their online banking credentials, before launching additional exploits.

After victims enter their login credentials, they're prompted to install a “Trusteer Mobile for Android” security app. If they opt to download the spurious app, they will be redirected to Trusteer's website where additional HTML injections prompt them on how to install the software.

The install actually allows attackers to intercept messages from target banks, which aid them in carrying out fraud, Maor warned.

“The mobile malware then steals incoming SMS messages from the victim's bank – allowing the cyber criminal to gain access to the online account by bypassing the one-time password mechanism,” Maor wrote in the blog post.

Ironically enough, victims were lured into installing the “security app” in the first place, so that they could secure their SMS one-time password, he said.

“While this combination of mobile and PC malware has been around for over four years, receiving its own acronym MitMO (Man-in-the-Mobile), cyber criminals continue to find new ways to persuade users to download the fake mobile app,” Maor said of the ploy.

Share this article:

Sign up to our newsletters

More in News

Medical transcription provider settles data security charges

GMR Transcription Services in California agreed to settle FTC charges related to its security practices.

Researcher hacks network connected devices in own home

Researcher hacks network connected devices in own home

In his own home, a researcher was able to hack various network connected devices that are not computers and mobile phones.

Study: Most higher ed malware infections attributed to 'Flashback'

Study: Most higher ed malware infections attributed to ...

Flashback caused a stir in 2012 when some 650,000 Macs were infected with the malware.