Contact
QR code for the current URL

Story Box-ID: 377128

Fortinet GmbH Feldbergstr. 35 60323 Frankfurt a.M., Germany http://www.fortinet.com/
Contact Ms Kirsten Handke +49 89 23087710
Company logo of Fortinet GmbH
Fortinet GmbH

Zeus Trojan Is Now On Mobile Phones

New Threat Targets Bank Accounts

(PresseBox) (Frankfurt a.M., )
Fortinet® (NASDAQ: FTNT) - a leading network security provider and the worldwide leader of unified threat management (UTM) solutions - today unveils that the sophisticated Zeus Trojan, which is well-known for targeting users' computers to embezzle their online banking operations, is now spreading on mobile phones. This new version of Zeus Trojan has been named 'Zitmo' or 'Zeus In The Mobile', in reference to the class of attack 'Man in the Middle'.

Today, some banks send out SMS to their customers to validate their identity for Internet operations (in addition to their login / password / client code, etc...). When a customer initiates an online banking transaction (via the website of the bank), a code is immediately sent to him/her via an SMS. In order to confirm the transaction, the customer must enter the code received in the web form of the bank. Fortinet believes that, by getting into the victim's mobile phone, Zitmo intercepts the SMS, and can therefore confirm banking transactions initiated by Zeus Trojan on the victim's computer, without him/her being aware, and thus empty the targeted bank account.

Axelle Apvrille, senior mobile antivirus analyst and researcher from Fortinet's FortiGuard Labs provides more information on how the attack operates:
- The user's password and username are caught via Zeus Trojan on the PC;
- Zeus Trojan gets the user's phone number by injecting a malicious form in the user's browser;
- An SMS is sent, providing a link to a "certificate" required to be installed. This downloadable package contains Zitmo (the « mobile » part of Zeus Trojan);
- Once the installation is done, the malware operation is completed. Cybercriminals, who control Zeus Trojan, can now initiate transactions from the user's online banking account and confirm those by intercepting the bank's SMS on the user's mobile phone.

For more information on the Zitmo malware, please go to FortiGuard's blog center:
http://blog.fortinet.com/...

Fortinet GmbH

Fortinet (NASDAQ: FTNT) is a worldwide provider of network security appliances and the market leader in unified threat management (UTM). Our products and subscription services provide broad, integrated and high-performance protection against dynamic security threats while simplifying the IT security infrastructure. Our customers include enterprises, service providers and government entities worldwide, including the majority of the 2009 Fortune Global 100. Fortinet's flagship FortiGate product delivers ASIC-accelerated performance and integrates multiple layers of security designed to help protect against application and network threats. Fortinet's broad product line goes beyond UTM to help secure the extended enterprise - from endpoints, to the perimeter and the core, including databases and applications. Fortinet is headquartered in Sunnyvale, Calif., with offices around the world.

The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.
Important note:

Systematic data storage as well as the use of even parts of this database are only permitted with the written consent of unn | UNITED NEWS NETWORK GmbH.

unn | UNITED NEWS NETWORK GmbH 2002–2024, All rights reserved

The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.