Trojan:SymbOS/ZeusMitmo.A
First posted on 28 September 2010.
Source: SecurityHome
Aliases :
There are no other names known for Trojan:SymbOS/ZeusMitmo.A.
Explanation :
A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.
Additional Details
Trojan:SymbOS/ZeusMitmo.A is notable for being specifically designed to steal SMS messages containing mobile transaction authentication numbers (mTANs), which are like single-use passwords sent by banks to their account holders' mobile phones to verify online transactions.
In our analysis, the malicious trojan was a Symbian-signed file for S60 3rd Edition mobile phones. The file itself is named cert.sis, and may be deceptively billed as a 'Nokia Update'. .jad files, used for BlackBerry devices, have also been reported.
ZeusMitmo.A is distributed by Trojan-Spy:W32/Zbot.PUA or Trojan-Spy:W32/Zbot.PUB, which sends an SMS message to the user's phone containing a link to the malicious file. Once installed, the trojan is able to silently monitor all incoming SMS messages.
This trojan is discussed in the following Labs Weblog post:
• ZeuS Variants Targeting Mobile Banking
Last update 28 September 2010