EFY Times  
Thursday, April 24, 2014

 
GO
 
 

Mobile Zeus Trojan Poses As Android Security Tools: Kaspersky Lab
 
Home >> Infotech >> Trends
 
Mobile Zeus Trojan Poses As Android Security Tools: Kaspersky Lab  
 
   
Rate this news:  (0 Votes)
Thursday, June 21, 2012 Researchers have discovered a set of malicious Android applications posing as security software in the latest example of malware targeting Google’s mobile platform. Kaspersky Lab has uncovered a set of malicious Android applications posing as security software. The malware is linked to the infamous Zeus Trojan, a common tool used in the theft of banking credentials. The phony security applications were first observed earlier this month, and newer versions have continued to appear, according to Kaspersky.






Malicious files
“On the 4th of June 2012 we found 3 APK files of ~207 kb in size each heuristically detected by our engine as HEUR:Trojan-Spy.AndroidOS.Zitmo.a,” blogged Kaspersky researcher Denis Maslennikov. “All these applications are malicious and were created to steal incoming SMS messages from infected devices. SMS messages will be uploaded to a remote server whose URL is encrypted and stored inside the body of the Trojan.”

The company found three more APK (application package) files with exactly the same functionality on 8, 13 and 14 June. Altogether there are at least six files that pretend to be “Android Security Suite Premium”, but in actuality steal incoming SMS messages, the researcher said.

The point of stealing incoming SMS messages is to swipe the victim’s mobile transaction authentication number (mTAN), which is used by banks to authenticate online bank transactions. When a device is infected, the SMS messages are uploaded to a remote server.

“One of the remote server domains was registered using the same fake data which was used for registering ZeuS C&Cs [command and control] servers back in 2011,” Maslennikov blogged.” And the malware’s functionality is almost the same as in old ZitMo samples [the mobile version of Zeus]. Therefore ‘Android Security Suite Premium’ = New ZitMo.”

Android malware on the rise
The issue of Android malware has been a focus security researchers and attackers alike for the past year.

Last week, Sophos released its list of the five most common pieces of Android malware. The most prevalent is what the company refers to as Andr/PJApps-C, which Sophos Senior Technology Consultant Graham Cluley described as an application that has been cracked using a publicly available tool that may or may not be actually malicious.

The second most popular is BaseBridge, which uses a privilege escalation exploit to elevate its privileges and install additional malicious apps onto a victim’s device. It also uses HTTP to communicate with a central server and leaks potentially identifiable information.

On 13 June authorities in Japan arrested six men for distributing a malicious Android app through a website that hosted adult content. According to The Daily Yomiuri, the Trojan was hidden inside an application that posed as a video player.

Once opened, the malware stole the victim’s information and sent it to a remote server. The application also displayed a message demanding a payment of 99,800 yen (£805). Symantec detects the rogue application as Android.Oneclickfraud.
Smartphone attack

“While there are countless numbers of sites aimed at scamming computer users, there have only been a handful of sites designed for smartphones to date,” blogged Joji Hamada, threat analyst with Symantec Security Response. “Out of those, we are aware of at least two sites affiliated with the site operated by the arrested men, and they are up and running…. So, with the arrest of the gang operating Android.Oneclickfraud I am hopeful that their sister sites will be taken down soon, with more arrests to follow. However, at the time of writing they show no sign of letting up.”



Print Email Post Comment 
(Total Views: 899)
 
Share
 
 
Infotech News
   
6 Disk Cloning Tools For Linux Users!
TRAI Set To Mandate Minimum Internet Download Speed
These Android-Based Furnishings And Appliances Offer Transparent Touchscreens
Google Ads Will Now Link Users Within Mobile Apps
12 Log File Viewers and Analysers To Know!
 
 
 
     
     
     
Press Release
     
Truecaller Delights Tata DOCOMO Users ...
Mindtree And IGD Launch Inaugural ...
Over 69 Per Cent Of Targeted Attacks In ...
Network18 Along With Microsoft Launches ...
Exar Offers Wide Frequency Universal ...
Pitney Bowes Partners With INRIX To ...
IMImobile Builds Windows “Up At The O2” ...
FineLine Prototyping Acquired By Proto ...
Proto Labs, Inc. Launches New Additive ...
Isola Group Using Motorola WLAN ...
WeChat’s New Real Time Location Sharing ...
Orange Business Services Helps Haier ...
Nokia Asha Touch Phones Receive New ...
Milagrow Launches India’s Most Powerful ...
SAPPHIRE SHIPS R9 295X2 And R9 295X2 OC ...
Samsung Galaxy Tab 4 Available In U.S. ...
Toshiba And National Science Teachers ...
Amazon And HBO Ink Exclusive Multi-Year ...
Research And Markets: Global Radio ...
Hitachi Solutions Canada Again Named As ...
Buck Converter From Diodes Incorporated ...
Pre-Order The New Samsung Galaxy Tab 4 ...
GTS Introduces Low-Cost Way To Charge ...
Haag-Streit USA And Sony Medical Bring ...
Bulgaria’s Mobiltel And Amdocs Win ...
 
GlacialLight Introduces Arcturus Series ...
IBM Social Business Helps Polaris FT ...
PE INTERNATIONAL Delivers ...
Corning Announces Gorilla Glass 3 & ...
Code For India Announces First Ever ...
APO Announces Strategic Partnership ...
Accenture To Help Azure Power Expand ...
Research And Markets: Global NAND Flash ...
AGC's Dragontrail Now Carried By 37 ...
Research And Markets: Global 3D NAND ...
Research And Markets: Nanotechnology ...
1-800-Recycling.com Profiled And ...
UST Global Recognized By The WorldBlu ...
Ferro Reports Adjusted EPS Of $0.19 For ...
ESI Announces Preliminary Results For ...
Research And Markets: India UPS Market ...
Celanese To Add Fortron PPS Compounding ...
IEEE Commemorates Historic 100th Year ...
Dassault Systèmes’ 3DEXPERIENCE ...
THine Unveils Its New Interface ...
EVERLIGHT Introduces An Ultra-Thin ...
Vuzix To Showcase Its Award-Winning ...
Siemens AG Relies On Teradata ...
PSI Repair Services To Showcase Its ...
Global Adhesives And Sealants Industry: ...
     
     
     
     
     
Most popular
 
Features
6 Disk Cloning Tools For Linux Users!
Cloning your disk helps in protecting the data on it through replication....
12 Log File Viewers and Analysers To Know!
Here's how you can make sense of your computer's logs!...
7 Super Useful Application Servers For Developers
Building your own application? Here's something that you would appreate....
Smartphone Review: Gionee Elife E7
With the right marketing pitch, Gionee could end up eating into the market of companies like Micromax, while also affecting sales of brands like Samsu...
10 Open Source Video Editing Tools For Amateurs And Professionals
Are you a Linux user? Want to make first class videos? Here are the tools!...
9 Small Footprint Web Browsers For Linux Users
While all of these work on Linux, many of them are also cross platform tools....
Password Cracking Anyone? Here Are 10 Tools To Help You!
It takes only a hacker to pinpoint the loopholes in a well-structured program....
8 Of The Very Best Encryption Tools To Secure Your Network
Encrypting and decrypting data are common phenomena utilised by people to protect their digital communication. Here are some handy tools....
Are You A SysAdmin? Keep These 10 Tools At Hand!
Being a sysadmin has its share of joys, however, challenges abound in this digital world! ...
Here Are 8 Awesome Books On Exploitation And Vulnerability Research
Keeping just the right books at hand is perhaps one of the better moves on the part of an ethical hacking, then there's the hacking of course!...
The Top 10 Application Security Books For You!
The following books will teach you how to preserve and protect the sanctity of your applications all the while giving you useful information about eth...
6 Packet Sniffing Tools For Ethical Hackers!
Keeping your network secure requires a lot of tools. The packet sniffing tools are amongst those that are most important....
Here Are 18 Proxy Websites To Access Blocked Websites
Go on and surf some blocked websites......
12 Instant Messaging Clients For Linux Users!
Want to chat with your friends? Use these IMs!...
7 Cryptography Books That'll Answer All Your Questions!
If you want to learn to break ciphers, encryptions or codes, well, look no further... ...
 
  View All
Dialogue
 
HTC Is Strong And There Are No Plans Of Sale Now Or In Future, Says HTC's Senior Director-Marketing
Atithya Amaresh from EFYTimes had an exclusive chat with Sirpa H. Ikola, senior director, Marketing, South Asia, HTC about its devices and its plans w...
“Cloud And Hybrid Hosting Are The Way To Go!”
Diksha P Gupta from Open Source For You spoke to Anil Chandaliya, chief network administrator, ESDS, about how customers can play safe while dealing w...
"Linux Interoperability Has Been Enabled Through Work Across Microsoft"
Diksha P Gupta from the OSFY team spoke to Dr K Y Srinivasan, principal architect at Microsoft, about how the company is moving ahead on the open trac...
"For Modern Day Tablets And Smartphones, Android Has Become A Default"
Diksha P Gupta from EFYTimes.com spoke to Indrajit Sabharwal, managing director, Simmtronics Semiconductors Ltd, about the compan...
"Torvalds' Blunt, Harsh Criticism Helps Open Source Grow"
Steve Ballmer called Linux 'cancer, which attached itself... to everything it touches,' in 2001 and oh-so-rightly. ...
   
  View All
Videos
 
First Look: LG Optimus G
The phone sports a high-end display and comes powered by a powerful processor. ...
Create QR-Codes For Free
TEC-IT releases the freeware QR-Code Studio to provide a quick and convenient way of QR code creation for every application scenario....
DoT Secretary Shares Plans For Growth Of Telecom Sector
M.F. Farooqui has recently taken charge as secretary, Department of Telecom....
Hands-On: Sony Xperia Z
Xperia Z is Sony's first entrant model in the big-screen smartphone category. ...
Hands On: Videocon A30 Smartphone
Videocon, the consumer electronics company which is known for its refrigerators, washing machine and air-conditioner has unveiled its Android-based sm...
   
View All
   
 
MWC 2014
 
MWC 2014: Tablet Lets People Feel Textures On Its Screen
Now feel what you see on your tablet, by way of ultrasonic waves....
MWC 2014: 4K Android Tablet Games To Kill Consoles, iPad
Tablet makers like Samsung want to beat the iPad by making 4K tabs. ...
MWC 2014: This Vodafone Backpack Helps Get Network In Disaster Situations
Two engineers of Vodafone New Zealand displayed the "mini" mobile network by Vodafone substructure in a backpack. ...
MWC 2014: Wilocity Chipset To Bring 'Lightening' Speed To Mobile Phones
Wilocity has developed a WiGig chipset for mobile phones that will bring lightning-fast wireless capability ...
MWC 2014: Samsung Introduces Octacore, Hexacore Chipsets
The Korean giant, Samsung unveiled two new octacore and hexacore chipsets at MWC 2014, in Barcelona. The company previously used Exynos 5 Octa 5410 ch...
MWC 2014: Alcatel Unveils PIXI 7 Tablet With Android 4.4
Alcatel arrived at the MWC 2014 with yet another low cost Android tablet, priced at $110 ...
MWC 2014: LG F70 Unveiled With Android 4.4
LG announced the new LTE-enabled Android smartphone, LG F70, at MWC 2014 in Barcelona. ...
   
View All
   
 
Events
 
19th Consumer Electronic Imaging Fair To Be Held On ...

View All
   
   
 
 

home archives contact us advertise with us
           
Magazines Portals Directories Events News Verticals Educational Institute  
Electronics for You
Open Source for You
Facts for You
Electronics Bazaar
electronicsforu.com
efytimes.com
bpotimes.com
linuxforu.com
Electronics Annual Guide
EFY EXPO
EFY Awards
EduTech Expo
OSIDAYS Expo
Electronics
Infotech
Linux & Open Source
Consumer Electronics
Science & Technology
BPO
EFY Techcenter 
 
 
© Copyright 2014 EFY Enterprises Pvt. Ltd.
All rights reserved. Reproduction in whole or in part in any form or medium without written permission is prohibited.
Usage of the content from the web site is subject to Terms and Conditions