German E-Banking Users Fall Victim to Mobile Banker Trojan
Berlin Police published a press report warning of fraudulent actions that involve scammers using mobile transaction authentication numbers or mTAN sent via SMS to perform illegal online banking transactions and unauthorized cash withdrawals.
All signs point to Zitmo, the only mobile Trojan known to date used by scammers to target people with smartphones with an Android operating system by intercepting mobile transaction authentication numbers.
For Zitmo to work, users’ PC must be infected with ZeuS to steal critical information such as phone model and phone number every time they visit a bank website. With people not using a secondary layer of security, this data would be enough for a scammer to clear victims’ bank accounts.
If however people rely on mTAN to secure their online transactions, scammers also need Zitmo to fetch for them the unique authentication number provided via SMS before performing the online money-related operation.
German Police explain how the scam works and encourage people to be extra vigilant with any official-looking “security update” recommendation that reaches them out of the blue. In this situation, the best practice would be to call the bank or, better yet, pay the financial institution a visit and check the claim. Once the money is withdrawn, it’s gone forever.
Installing a complete antivirus suite with a reliable antiphishing module will also defend users against such threats.