BlackBerry Phones hit by Trojan Attack, Symbian and Windows Phones are next the Targets
Blackberry smartphones come under a new attack targeting their SMS feature according to security firm Trend Micro. The ZeuS Trojan, identified as BBOS_ZITMO.B, removes itself from the list of applications to be able to stay undetected rather than displaying any GUI. Once it is installed ZeuS sends you a confirmation message App Installed OK, to the administrator number, which is a U.K number, to signal that it can now receive commands.
The administrator can now remotely change the number to which it forwards SMS sends to affected one. In case the original attacker number is tracked and taken down, the attacker sends the update to the update the attack number to continue receiving the forward messages. According to analysis carried out by Trend Micro, ZeuS Trojan is capable of carrying the following commands
- Display SMS: Unmonitored SMS will be treated as normal SMS and will be displayed on the phone
- Delete/Drop SMS: SMS from the hacker will not be seen by the user
- Forward SMS: Send SMS to hacker without users knowledge
- Block calls
- Remove Block calls
- Set Administrator: Register a new Administrator
- Add Sender
- Remove Sender
- Set Sender
- Block/Unblock Phone Numbers
Trend Micro country manager for India and SAARC, Amit Nath said As more users access internet from expanding pool of devices, web based threats will continue in size. The growth of smartphones and faster data speeds will also increase the possibilities of infection. As criminals devise way to make money out of exploiting mobile technologies, mobile users will grow extremely vulnerable. With growing use of mobile devices, cyber criminals should have a very profitable 2011. Their tactic will be to opt put a new spin on social engineering by way of malware campaigns, by bombarding recipients with emails that drop downloaders containing malware. All this will largely be made possible because of Internet.
Trend Micro asserts that this threat affects not only BlackBerry Phones, but also been spotted in smartphones based on Symbian (SYMBOS_ZBOT.B) and Windows Mobile (WINCE_ZBOT.B). People using mobile banking be extra cautious while installing applications and clicking links sent by unknown users or they risk downloading this malicious applications and comprising security.