With so many reports of Android and iPhone malware, it was only a matter of time before a BlackBerry variant emerged.
A variant of the Zeus banking Trojan targeting BlackBerry smartphones was detected by security researchers at Trend Micro. With more users using their phones to get up-to-date alerts on their bank account balances, to add funds, or to receive password hints, mobile malware has become a lucrative attack vector for cyber-criminals, wrote threat analyst Patrick Estavillo on TrendLabs blog on March 4.
The BlackBerry Zitmo flies under the user’s radar because it does not have a graphical user interface, and it can remove itself from the list of applications attackers, Estavillo said. Mobile banking users unaware of the infection on their phone would be inadvertently giving away their bank account information.
Once the mobile Zeus has been installed on the smartphone, it sends a confirmation message to the remote administrator at the command-and-control server that it is ready to receive commands. The confirmation message reads “App Installed OK,” and is sent to a phone number in the United Kingdom, Estavillo said.
Considered by security experts to be one of the most sophisticated Trojans, Zeus originally installed keyloggers on user desktops to steal login credentials as they were entered on banking sites. Many banks switched to two-factor authentication to thwart the Trojan, since the one-time passcodes, sent by SMS message to the user’s phones, expire as soon as they are used. The Zitmo variant intercepts the passcodes by forwarding all SMS messages to the remote attacker.
For more, read the eWEEK article: Zeus Trojan Variant Found on BlackBerry Phones.