Zitmo has been used by the ZeuS gang to defeat SMS-based banking two-factor authentication on Symbian, BlackBerry and Windows Mobile for several months (see my ShmooCon slides).
Lately, there’s been an active discussion on technical forums regarding ZeuS targeting Android users. We finally managed to get our hands on the mobile sample the ZeuS PC trojans are propagating.
Actually, it is not a new sample and has been detected under several names (Android.Trojan.SmsSpy.B, Trojan-Spy.AndroidOS.Smser.a, Andr/SMSRep-B), but it is far more scary when propagated by the ZeuS gang.
The malware poses as a banking activation application:
In the background, it listens to all incoming SMS messages and forwards them to a remote web server. It’s simple, but just enough for the ZeuS gang to grab your banking mTANs…

Wireshark capture of Zitmo forwarding an incoming SMS (on the infected phone) to a remote web server
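The behaviour described above (receive every incoming SMS, then send it out over the network) requires a specific set of capabilities in an app's manifest. The following triage check is an added example, not code from the original post or from the sample; it assumes the manifest has already been decoded to text XML, and the package and receiver names in the sample are constructed.

```python
import xml.etree.ElementTree as ET

NS = "{http://schemas.android.com/apk/res/android}"
RECEIVE_SMS = "android.permission.RECEIVE_SMS"
INTERNET = "android.permission.INTERNET"
SMS_RECEIVED = "android.provider.Telephony.SMS_RECEIVED"

# Constructed sample (not taken from the Zitmo APK): a hypothetical "activation" app.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.activation">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Activation">
    <receiver android:name=".SmsListener">
      <intent-filter>
        <action android:name="android.provider.Telephony.SMS_RECEIVED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""


def triage_manifest(manifest_xml):
    """Classify a decoded AndroidManifest.xml by its SMS-forwarding capability."""
    root = ET.fromstring(manifest_xml)
    perms = {p.get(NS + "name") for p in root.iter("uses-permission")}
    # Receivers declared statically for the incoming-SMS broadcast.
    listeners = [
        rec.get(NS + "name")
        for rec in root.iter("receiver")
        if any(a.get(NS + "name") == SMS_RECEIVED for a in rec.iter("action"))
    ]
    if RECEIVE_SMS not in perms or INTERNET not in perms:
        verdict = "no-sms-to-network-path"
    elif listeners:
        verdict = "sms-forwarding-capable"
    else:
        # A receiver can also be registered at run time, so the permission
        # pair alone still warrants a look at the code.
        verdict = "review-dynamic-receivers"
    return {"verdict": verdict, "sms_receivers": listeners,
            "permissions": sorted(perms & {RECEIVE_SMS, INTERNET})}


if __name__ == "__main__":
    print(triage_manifest(SAMPLE_MANIFEST))
```

The verdict describes capability, not intent: legitimate messaging apps hold the same permissions, so a hit is a reason to inspect what the receiver does with the message body.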
We’ll keep you posted on this one.
– the Crypto Girl
PS. F-Secure, s21sec and Kaspersky contributed to finding this sample. Thanks for their cooperation.




YouTube





Still new updates and tweaks required for already available android security apps in the market.
nice info..!!
See : http://www.allandroidgadget.com
For Android Gadget Review Portal
Thanks…
Thank you for the sensible critique. Me & my friend were just preparing to do some research on this. We grabbed a book from our area library but I think I learned more from this post. I’m very glad to see such wonderful info being shared freely out there..
[...] far this year, there has been the discovery of a smartphone version of the Zeus Trojan spyware, Zitmo, which redirects mobile transaction authentication numbers (mTANs), the SMS messages used by some [...]
[...] (Credit:Fortinet) [...]
[...] not While trolling for research material, I came across a Fortinet blog post by Axelle Apvrille. He reported that Zitmo may now be ported for Android: “Lately, [...]
[...] on Security reported on Zitmo, a ZeuS trojan that runs on Google Android, Krebs spoke with security firm Trusteer CEO Mickey [...]
[...] and especially on Android – is growing is also underlined by reports such as those from Fortinet or F-Secure. Fortinet describes a new Android trojan that belongs to the, last year for the first time [...]
[...] Krebs on Security reported on Zitmo, a ZeuS trojan that runs on Google Android, Krebs spoke with security firm Trusteer CEO Mickey [...]
[...] The latest attack alert comes from Fortinet, which has discovered a new variant of the Zeus banking Trojan designed to target Android smartphones. The malware poses as a banking activation application, Fortinet said in a blog entry describing Zitmo, the mobile variant of Zeus. [...]
[...] however, Zeus authors have configured the Zitmo to target Android smartphones, according to Fortinet researchers, which has the potential of affecting millions of smartphone [...]
[...] This is a short update to our prior post concerning Zitmo on Android. [...]
[...] said Axelle Apvrille, a senior antivirus analyst and researcher for Fortinet, in a blog post. “In the background, it listens to all incoming SMS messages and forwards them to a remote [...]
[...] really need a confirm? For instance the recent evolution of the Infamous ZiTMo mobile malware that has just landed on Android (the continuing metamorphosis of this malware is really meaningful: born on the Windows platform, [...]
[...] Apvrille, an author at the security blog Fortinet, said Zitmo is being put to use by the ZeuS botnet [...]
[...] on Symbian, BlackBerry and Windows Mobile devices.Axelle Apvrille, an author at the security blog Fortinet, said Zitmo is being put to use by the ZeuS botnet gang.“The malware poses as a banking [...]
[...] Apvrille, an antivirus analyst for Fortinet has written a blog post on the [...]
[...] pronounced Axelle Apvrille, a comparison antivirus researcher and researcher for Fortinet, in a blog post. “In a background, it listens to all incoming SMS messages and forwards them to a remote web [...]
[...] the Fortinet post. Brief, but eloquent: Zitmo (Zeus In The Mobile), after having hit smartphones running [...]
[...] Network security appliance vendor Fortinet Inc. has discovered a new variant of the Zeus banking Trojan designed to target Android smartphones. The malware poses as a banking activation application, Fortinet said in a blog entry describing Zitmo, the mobile variant of Zeus. [...]
[...] worry for Android users as security firm Fortinet discovers the Zitmo malware, which specializes in hiding itself and stealing finance-related information when [...]
[...] new SMS-message malware make a rounds, Fortinet researchers claimed that a recently identified banking malware was related to a squad behind a Zeus Trojan. A [...]
[...] at Fortinet said the malicious file is a new version of “Zitmo,” a family of mobile malware first spotted last year that stands for [...]
[...] Andr/SMSRep-B), but it is far more scary when propagated by the ZeuS gang,” says Fortinet security researcher Axelle [...]
[...] In the last two days, however, there have been many discussions on the mailing lists dedicated to mobile malware analysis about an Android version of Zeus. [...]
[...] In the last couple of days, however, there has been quite a lot of discussion on the mobile malware analysis mailing lists about a version of a an Android version of Zeus. [...]
When will fortinet offer android base antivirus like winmobile and symbian?