We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
 
74,953 News Articles

Zeus Trojan intercepting bank text messages

ING customers in Poland targeted by malware

A version of the Zeus malware that intercepts one-time passcodes sent by SMS (Short Message Service) is targeting customers of the financial institution ING in Poland.

The security vendor F-Secure blogged on Monday about the issue, which was analysed on the website of security consultant Piotr Konieczny. F-Secure wrote that it appears to be the same style of attack found by the Spanish security company S21sec last September, which marked a disconcerting evolution in Zeus, one of the most advanced banking Trojans designed to steal passwords.

Zeus has changed its tactics, since some banks are now using one-time passcodes sent by SMS to authorise transactions performed on a desktop machine. First, attackers infect a person's desktop or laptop. Then, when that person logs into a financial institution such as ING, it injects HTML fields into the legitimate web page.

Those fields ask for a person's mobile phone number and the model of their phone. When that information is entered, the attacker sends an SMS leading to a website that will install a mobile application that intercepts SMSes and forwards messages to another number controlled by the attackers. The Zeus mobile component will work on some Symbian and BlackBerry devices.

Once that setup is complete, the attacker can simply do a transfer whenever it is convenient, such as when an account has just received a deposit. An attacker can log onto the account, receive the SMS code and begin transferring money.

ING officials contacted in the Netherlands on Monday afternoon did not have an immediate comment.

The SMS ability of Zeus has prompted vendors such as Cloudmark to warn about how SMS spam, or SMS messages designed to enable other malware, are a growing threat. Cloudmark sells a system to operators that analyses SMS messages and can filter ones that have spam or other offensive content.


IDG UK Sites

Amazon 3D smartphone release date, price and spec: The hologram phone?

IDG UK Sites

iPhone 5s review: why the iPhone 5s is still the best phone you can buy in 2014

IDG UK Sites

Passwords don't work: here's four ways to fix them

IDG UK Sites

Developers get access to more Sony camera features