Wednesday, May 4, 2011


Screenshot of SMS message sent to botnet administrator


BlackBerry smartphones have come under a new attack targeting their SMS feature, according to security firm Trend Micro.

Like its desktop counterpart, this ZeuS Trojan, identified as BBOS_ZITMO.B, displays no graphical user interface (GUI) and removes itself from the list of applications to stay undetected. Once installed, it sends a confirmation message, "App Installed OK", to the administrator number, which is a U.K. number, to signal that it can now receive commands.

The administrator/attacker can remotely change the number to which the Trojan forwards SMS messages sent to the affected phone. If the original administrator/attacker number is tracked and taken down, the attacker can send a command that sets a new number and continue receiving forwarded messages.

According to the analysis carried out by Trend Micro, ZeuS Trojan is capable of carrying out the following commands:

1. Display SMS: Unmonitored SMS will be treated as a normal SMS and will be displayed on the phone.
2. Delete/Drop SMS: SMS from the hacker will not be seen by the user.
3. Forward SMS: Send SMS to the hacker without the user's knowledge.
4. Block Calls
5. Remove Block Calls
6. Set Administrator: Register a new administrator.
7. On/Off
8. Add Sender
9. Remove Sender
10. Set Sender
11. Block/Unblock Phone Numbers
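
The install confirmation and silent SMS forwarding described above both leave traces in a device's or carrier's message records. The following detection sketch is an added example, not code from Trend Micro or the original post; the log layout, the 60-second window, the phone numbers and the assumption that a forwarded copy contains the original text unchanged are all constructed for illustration.

```python
from datetime import datetime, timedelta

BEACON = "App Installed OK"        # confirmation text quoted in the article
WINDOW = timedelta(seconds=60)     # assumed max delay between receipt and forward

# Constructed sample records: (timestamp, direction, peer number, body).
SAMPLE_LOG = [
    ("2011-05-04 09:00:00", "out", "+447700900001", "App Installed OK"),
    ("2011-05-04 09:05:10", "in",  "+15550100",     "Your bank code is 493021"),
    ("2011-05-04 09:05:12", "out", "+447700900001", "Your bank code is 493021"),
    ("2011-05-04 09:30:00", "in",  "+15550123",     "Lunch at noon?"),
    ("2011-05-04 09:31:00", "out", "+15550123",     "Sure, see you then"),
]

def parse(log):
    """Convert timestamp strings to datetime objects."""
    return [(datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), d, peer, body)
            for ts, d, peer, body in log]

def find_indicators(log, window=WINDOW):
    """Return (kind, timestamp, peer) findings in chronological order."""
    findings, inbound = [], []
    for ts, direction, peer, body in sorted(parse(log)):
        if direction == "in":
            inbound.append((ts, peer, body))
            continue
        # Indicator 1: outbound SMS whose body is the install confirmation.
        if body.strip() == BEACON:
            findings.append(("install-beacon", ts, peer))
        # Indicator 2: outbound SMS that repeats a recently received body
        # and goes to a number other than the original sender.
        for in_ts, in_peer, in_body in inbound:
            recent = timedelta(0) <= ts - in_ts <= window
            if recent and in_body and in_body in body and peer != in_peer:
                findings.append(("sms-forwarded", ts, peer))
                break
    return findings

def suspect_numbers(findings):
    """Numbers that received a beacon or a forwarded copy."""
    return sorted({peer for _, _, peer in findings})

if __name__ == "__main__":
    hits = find_indicators(SAMPLE_LOG)
    for kind, ts, peer in hits:
        print(ts, kind, peer)
    print("suspect numbers:", suspect_numbers(hits))
```

Because the forwarding number can be changed remotely, matching on behaviour (the beacon text and the receive-then-resend pattern) holds up better than blocking a single known number.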

Trend Micro country manager for India and SAARC, Amit Nath, said, "As more users access the internet from an expanding pool of devices, web-based threats will continue in size. The growth of smartphones and faster data speeds will also increase the possibilities of infection. As criminals devise ways to make money out of exploiting mobile technologies, mobile users will grow extremely vulnerable. With the growing diversity of operating systems among companies, as well as the growing use of mobile devices, cybercriminals should have a very profitable 2011. Their tactic will be to put a new spin on social engineering by way of malware campaigns, by bombarding recipients with emails that drop downloaders containing malware. All this will largely be made possible because of the Internet."

Trend Micro asserts that this threat affects not just BlackBerry phones, but has also been spotted on smartphones based on Symbian (SYMBOS_ZBOT.B) and Windows Mobile (WINCE_ZBOT.B). People using mobile banking need to be extra cautious when installing applications and clicking links sent by unknown users, or they risk downloading this malicious application and compromising their security.
