That request enables criminals to access the phone directly, without issuing a separate installer, a process that could take an additional three days.
The latest version of the trojan sends users a message recommending that they download an app. Having obeyed the instructions to “set the application,” they are then told how to download and install the malware.
Users are told that they must then dial a number to obtain an activation code. Rather than giving them access to the bank’s site though, the malware reroutes the call and issues a fake activation code. The trojan’s distributors are then able to intercept and collect all the phone’s incoming SMS messages, including messages sent by their banks.
Once the malware has been installed, users are unlikely to notice any difference in their phone’s performance. The trojan does not appear on the dashboard and there will be no sign that their messages are being intercepted en route except perhaps for the additional charges incurred when the SMSs are forwarded to the criminal’s URL.
Spitmo isn’t the first trojan to target the bank accounts of Android users. In fact the malware has goals very similar to that Zitmo, or Zeus in the mobile, another bank-targeting trojan that tries to collect authentication details. Both programs redirect SMS messages to a remote server and both trojans spread by asking users to enter a URL in the mobile device to download a malicious Android app.
According to McAfee security expert Carlos Castillo though, SpyEye does not try to disguise itself as a security tool in the way that Zeus does, and it manages to reduce its footprint by remaining inactive until a specific number is dialled or an SMS is received.
Both trojans are cleverly written and aim to overcome the authentication hurdles set by banks and other organizations to restrict access to their data. The more popular Android becomes, the bigger a target its users are going to look to digital criminals – and the greater care that users will have to take before they download apps or enter their authentication details.
Source : Android Malware SpyEye Targets Users’ Bank Accounts
No comments:
Post a Comment