Breaking news from Poland today: A variant of the ZeuS trojan is targeting the mobile phone based, two-factor authentication used by ING Bank Slaski (Polish ING Bank).
Security consultant and blogger, Piotr Konieczny has details on his blog, Niebezpiecznik (Google Translate).
From the details that we’ve gathered so far, this appears to be the same type of ZeuS Man-in-the-mobile attack that took place in Spain last year. Spanish security company, S21sec first reported on ZeuS Mitmo here.
ZeuS Mitmo is designed to steal mTANs, and computers infected with a ZeuS Mitmo trojan will inject a “security notification” into the Web banking process, attempting to lure the user into providing their phone number. If a phone number is provided, the user will receive an SMS link pointing to the mobile component, ZeusMitmo.A.
On 21/02/11 At 01:50 PM
Related Posts
- ZeuS Tracker Online Again With New Features
As most of you probably noticed, ZeuS Tracker was offline for a whole week (2010-09-03 to 2010-09-14). During this time I made several improvements and added new features to ZeuS Tracker.
But before ... - ZeuS Tracker Online Again With New Features
As most of you probably noticed, ZeuS Tracker was offline for a whole week (2010-09-03 to 2010-09-14). During this time I made several improvements and added new features to ZeuS Tracker.
But before ... - Once Again, Zeus
Zeus continues to be one of the most common malware we run into.Just now we've been watching a spam run with malicious ZIP files attached to them.Inside the ZIP is always the same Zeus variant... - Zeus bank Trojan infects 100,000 UK PCs
East European criminals have managed to infect up to 100,000 UK-based PCs with the feared Zeus malware used to steal online banking logins, security company Trusteer has discovered.
View full post ... - Zeus is forwarding Adobe updates again
Websense® Security Labs™ ThreatSeeker™ Network has detected a new batch of malicious emails containing Zeus payloads. This campaign is very similar to another which Adobe reporte... - 2010 FIFA World Cup Spam Strikes Again
With the 2010 FIFA World Cup less than two months away, cybercriminals (as expected) are banking on this prestigious international football event to trick users. TrendLabsSM spotted the latest threat ... - iKee iPhone Worm Strikes Again!
PC Tools' Malware Research Center received a sample of an iPhone worm that is strikingly similar with the iKee worm that displays an image of Rick Astley, and was originally intended as a prank. This ... - Bank of Baroda Phishing Scam
Its now Bank of Baroda getting targeted for the phishing attacks.
A mail having subject line : MESSAGE TO ALL BARODA CONNECT USERS!!! getting circulated containing an
attachment.
If you click to ... - Trend Micro Sinkholes and Eliminates a ZeuS Botnet C&C
In February 2011, we successfully collaborated with CDMON, a registrar, to gain control of a ZeuS botnet command-and-control (C&C) server, thereby rendering it ineffective. Our success gave us the... - ZeuS Source Code Already in the Wild
For about two weeks now, the ZeuS source code has been making its way around to different people. Many people have been offering it up for sale on multiple forums, but lots of times it is only pieces ...
Posted on 21 February 2011. Tags: again, Bank, Mitmo, Polish, Strikes, Zeus
The above information is reprinted from and copyrighted © by F-Secure.
