Content area
Full Text
Note: Zeus crimeware creators adapt Zitmo malware, disguised as a banking activation application, to steal financial details from Android users.
(click image for larger view)
Slideshow: 10 Massive Security BreachesThe Trojan spyware application known as Zitmo, which is designed to steal people's financial data, has now been altered to target devices running the Android mobile operating system.
"The malware poses as a banking activation application," said Axelle Apvrille, a senior antivirus analyst and researcher for Fortinet, in a blog post. "In the background, it listens to all incoming SMS messages and forwards them to a remote web server."
That's a security risk, as some banks now send mTANs--mobile transaction authentication numbers, which is banking-speak for one-time passwords for authenticating transactions--via SMS. By intercepting these passwords, the Zeus-botnet-using criminal gang behind Zitmo can not only...