Cybercrime, Malware et Smartphone : Zeus pour Android OS

Le marché des smartphone est juteux pour les cybercriminels : de plus en plus d’utilisateurs accèdent à internet depuis leurs mobiles. Ces derniers nous permettent d’accéder à nos comptes bancaires, de faire quelques tâches bureautiques (relire un rapport confidentiel dans le train), de nous connecter au VPN de l’entreprise ou au webmail, etc… Il est évident que les OS mobiles vont faire l’objet de plus en plus d’attaques dans les années à venir.

The international cybercrime ring known as ZeuS or ZBOT has created a variant of its bank information-stealing malware for Android mobile operating systems.

When downloaded, either through a fake survey (see pic below) or the Android Market, the malware disguises itself as a piece of banking security software from Trusteer, called Rapport. After a user installs the malware, an icon for « Trusteer Rapport » shows up on their homescreen (left).

The Trojan then embeds itself into Android devices, « listens » in on all incoming text messages, and forwards them to a remote server using HTTP POST requests, Sophos Security explained in a blog post. It picks up mTANs (mobile transaction authentication numbers), which are one-time passwords sent through SMS by banks to verify account logins, and uses the passwords to break into bank accounts.

The Zeus toolkit has been around for a couple years, starting with PC viruses that stole banking information by keystroke logging, but ZeuS-in-the-Mobile (ZitMo) variants began appearing in September 2010. Android is the fourth version of ZitMo; in the past the crime ring has created the Trojan for Symbian, Windows Mobile, and BlackBerry operating systems.

Plus de détails ici, ou consultez le blog du Kaspersky Labs.

Related posts:

Leave a Reply