Zitmo: A New Malicious Trojan That Steals Your Bank Info

The people responsible for the horrible ZeuS botnet have started exploiting a vulnerability in mobile banking that allows them to steal bank passwords. The spyware app is a Trojan called Zitmo and it has recently been modified to attack Android devices.

The malware works by posing as bank activation software, then steals its victims' bank details as they bank online.

Prior to the Android fraud, Zitmo successfully ran on Symbian, BlackBerry, and Windows Mobile devices. So how are the bank details stolen? Well, every time you log in on your mobile device to do some banking on the go, you are assigned an MTAN (mobile transaction authentication number). This is basically a key that opens the door to your bank and allows you to do transfers.

Since MTANs are sent by text message between bank and customer, they were thought to be harder to crack, at least until now. The Zitmo trojan basically hijacks your MTAN and redirects it to a remote server, where it is then used or sold for bank fraud.

The malware usually attacks a user's PC first and 'spreads' to the phone when the user later banks on their mobile device. The trojan then poses as security software and prompts the user to download it. Once downloaded, the trojan continues to relay vital banking information to the aforementioned remote server.

The best way to protect yourself (besides having anti-virus applications and firewalls installed) is to make sure not to download anything that pops up or seems unexpected. Don’t let your computer tell you (the user) how to do your job.
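
For anyone vetting an app before installing it, the behaviour described above (reading MTAN text messages and relaying them to a remote server) requires a recognisable combination of Android capabilities. The following is an added example, not code from this article or from any Zitmo analysis: a general triage heuristic over a decoded AndroidManifest.xml. The sample manifest, the package name, the `audit_manifest` function and the priority threshold of 999 are all constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = "{http://schemas.android.com/apk/res/android}"
SMS_RECEIVED = "android.provider.Telephony.SMS_RECEIVED"
SMS_PERMS = {"android.permission.RECEIVE_SMS", "android.permission.READ_SMS"}

# Constructed sample: decoded manifest of a hypothetical "activation" app.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.activation">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Bank Activation">
    <receiver android:name=".SmsReceiver">
      <intent-filter android:priority="1000">
        <action android:name="android.provider.Telephony.SMS_RECEIVED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""

def audit_manifest(xml_text):
    """Return findings that together indicate an app can read and relay SMS."""
    if "<!DOCTYPE" in xml_text:  # manifests carry no DTD; refuse entity tricks
        raise ValueError("unexpected DOCTYPE in manifest")
    root = ET.fromstring(xml_text)
    perms = {p.get(NS + "name") for p in root.iter("uses-permission")}
    findings = []
    if perms & SMS_PERMS:
        findings.append("can read incoming SMS")
        if "android.permission.INTERNET" in perms:
            findings.append("can read SMS and reach the network")
    for receiver in root.iter("receiver"):
        for filt in receiver.iter("intent-filter"):
            actions = {a.get(NS + "name") for a in filt.iter("action")}
            if SMS_RECEIVED not in actions:
                continue
            raw = filt.get(NS + "priority", "0")
            priority = int(raw) if raw.lstrip("-").isdigit() else 0
            # Where SMS_RECEIVED is an ordered broadcast, a high priority lets
            # this receiver see the message before the normal inbox app does.
            level = "high-priority " if priority >= 999 else ""
            findings.append(f"{receiver.get(NS + 'name')}: {level}SMS receiver")
    return findings

if __name__ == "__main__":
    for finding in audit_manifest(SAMPLE_MANIFEST):
        print("FINDING:", finding)
```

A legitimate messaging app can produce the same findings, so treat them as a reason to look closer at an app that claims to be bank or security software, not as proof of infection.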

