register free | resend password


Zeus Trojan Is Now On Mobile Phones

New Threat Targets Bank Accounts

ID: 1019247
recent pressrelease next pressrelease

(PresseBox) - Fortinet® (NASDAQ: FTNT) - a leading network security provider and the worldwide leader of unified threat management (UTM) solutions - today unveils that the sophisticated Zeus Trojan, which is well-known for targeting users' computers to embezzle their online banking operations, is now spreading on mobile phones. This new version of Zeus Trojan has been named 'Zitmo' or 'Zeus In The Mobile', in reference to the class of attack 'Man in the Middle'.
Today, some banks send out SMS to their customers to validate their identity for Internet operations (in addition to their login / password / client code, etc...). When a customer initiates an online banking transaction (via the website of the bank), a code is immediately sent to him/her via an SMS. In order to confirm the transaction, the customer must enter the code received in the web form of the bank. Fortinet believes that, by getting into the victim's mobile phone, Zitmo intercepts the SMS, and can therefore confirm banking transactions initiated by Zeus Trojan on the victim's computer, without him/her being aware, and thus empty the targeted bank account.
Axelle Apvrille, senior mobile antivirus analyst and researcher from Fortinet's FortiGuard Labs provides more information on how the attack operates:
- The user's password and username are caught via Zeus Trojan on the PC;
- Zeus Trojan gets the user's phone number by injecting a malicious form in the user's browser;
- An SMS is sent, providing a link to a "certificate" required to be installed. This downloadable package contains Zitmo (the « mobile » part of Zeus Trojan);
- Once the installation is done, the malware operation is completed. Cybercriminals, who control Zeus Trojan, can now initiate transactions from the user's online banking account and confirm those by intercepting the bank's SMS on the user's mobile phone.
For more information on the Zitmo malware, please go to FortiGuard's blog center:


http://blog.fortinet.com/zeus-in-the-mobile-zitmo-online-bankings-two-factor-authentication-defeated/

Fortinet (NASDAQ: FTNT) is a worldwide provider of network security appliances and the market leader in unified threat management (UTM). Our products and subscription services provide broad, integrated and high-performance protection against dynamic security threats while simplifying the IT security infrastructure. Our customers include enterprises, service providers and government entities worldwide, including the majority of the 2009 Fortune Global 100. Fortinet's flagship FortiGate product delivers ASIC-accelerated performance and integrates multiple layers of security designed to help protect against application and network threats. Fortinet's broad product line goes beyond UTM to help secure the extended enterprise - from endpoints, to the perimeter and the core, including databases and applications. Fortinet is headquartered in Sunnyvale, Calif., with offices around the world.



Keywords (optional):



Company information / Profile:

Fortinet (NASDAQ: FTNT) is a worldwide provider of network security appliances and the market leader in unified threat management (UTM). Our products and subscription services provide broad, integrated and high-performance protection against dynamic security threats while simplifying the IT security infrastructure. Our customers include enterprises, service providers and government entities worldwide, including the majority of the 2009 Fortune Global 100. Fortinet's flagship FortiGate product delivers ASIC-accelerated performance and integrates multiple layers of security designed to help protect against application and network threats. Fortinet's broad product line goes beyond UTM to help secure the extended enterprise - from endpoints, to the perimeter and the core, including databases and applications. Fortinet is headquartered in Sunnyvale, Calif., with offices around the world.

PressRelease by

Requests:



PressContact / Agency:



published by: PresseBox
print pressrelease  send to a friend  

Date: 09/29/2010 - 10:57
Language: English
News-ID 1019247
Character count: 0
Kontakt-Informationen:
Firma: Fortinet
Ansprechpartner: Feedback to businesspress24.com about Pressrelease-id:
Stadt: Frankfurt a.M.
Telefon:

Comments:



Number of hits: 247

Linking-Tips:



Direct Link to this PressRelease:






We would appreciate a link in your News-, Press- or Partner-Site.

Comments on this PressRelease






All members: 9 438
Register today: 0
Register yesterday: 0
Members online: 0
Guests online: 94


Don't have an account yet? You can create one. As registered user you have some advantages like theme manager, comments configuration and post comments with your name.