I've heard that a new variant of Zeus -- Zeus-in-the-mobile -- has begun targeting smartphones and other mobile...
devices. Can you please explain how this variant is different than the original Zeus? Are the defense strategies different?
Zeus has plagued desktops and laptops for at least the past seven years, infecting them and then using them to commit financial crimes. Zeus-in-the-mobile is relatively new form of Zeus malware that is used to attack smartphones to commit these same crimes. The malware is used in conjunction with a compromised desktop or laptop system to steal one-time passwords generated on the smartphone. Getting the malware on a smartphone may be more difficult, but many people assume their smartphones are secure and don't think a malicious application could be installed.
While app stores and the different security models on mobile devices have the significant potential to help secure users from malware and other threats, smartphones and other devices are still going to require careful use with the current vetting models. If malware like Zeus masquerading as a legitimate application enters the trusted apps stores of Google or Apple, users will assume the app is legitimate because they downloaded it from the app store. In fact, targeting the app store is attractive to attackers because it is one of weakest links. Trusteer found this out the hard way when it discovered the new variant of Zeus (Zeus-in-the-mobile) was using the Trusteer brand to trick people into thinking a malicious app was legitimate. Zeus-in-the-mobile is designed to steal one-time passwords sent via SMS messages for banking accounts and financial websites.
In the case of Trusteer, the company could monitor app stores for applications it didn't publish itself. This would need to be something every vendor does itself at this point since current app stores don't necessarily check if Trusteer is the same as Trustee or even if it's the legitimate Trusteer. This task might be difficult for vendors to do, though, so the responsibility lies in the hands of the users.
To defend against Zeus-in-the-mobile -- or any malware that comes from app stores -- users should review every app and its details, especially permissions, prior to downloading, and only download known, legitimate apps. Trusteer also points out that if the smartphone had its software installed, this would have prevented the infection; using antimalware software on mobile devices can greatly cut down the chances of falling victim to a mobile malware attack.
Ask the Expert!
SearchSecurity expert Nick Lewis is ready to answer your enterprise threat questions -- submit them now! (All questions are anonymous.)
Dig Deeper on Malware, virus, Trojan and spyware protection and removal
Related Q&A from Nick Lewis
The Zealot campaign discovered by F5 Networks uses the same Apache Struts vulnerability exploited in the Equifax breach. Learn how else it performs ... Continue Reading
Facebook Messenger is being used to reach more victims with a cryptojacking bot that Trend Micro researchers named Digimine. Learn how this bot works... Continue Reading
Spider ransomware has been found spreading malicious files via a phishing campaign that gives victims a 96-hour deadline. Learn how this attack is ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.