I've heard that a new variant of Zeus -- Zeus-in-the-mobile -- has begun targeting smartphones and other mobile...
devices. Can you please explain how this variant is different than the original Zeus? Are the defense strategies different?
Zeus has plagued desktops and laptops for at least the past seven years, infecting them and then using them to commit financial crimes. Zeus-in-the-mobile is relatively new form of Zeus malware that is used to attack smartphones to commit these same crimes. The malware is used in conjunction with a compromised desktop or laptop system to steal one-time passwords generated on the smartphone. Getting the malware on a smartphone may be more difficult, but many people assume their smartphones are secure and don't think a malicious application could be installed.
While app stores and the different security models on mobile devices have the significant potential to help secure users from malware and other threats, smartphones and other devices are still going to require careful use with the current vetting models. If malware like Zeus masquerading as a legitimate application enters the trusted apps stores of Google or Apple, users will assume the app is legitimate because they downloaded it from the app store. In fact, targeting the app store is attractive to attackers because it is one of weakest links. Trusteer found this out the hard way when it discovered the new variant of Zeus (Zeus-in-the-mobile) was using the Trusteer brand to trick people into thinking a malicious app was legitimate. Zeus-in-the-mobile is designed to steal one-time passwords sent via SMS messages for banking accounts and financial websites.
In the case of Trusteer, the company could monitor app stores for applications it didn't publish itself. This would need to be something every vendor does itself at this point since current app stores don't necessarily check if Trusteer is the same as Trustee or even if it's the legitimate Trusteer. This task might be difficult for vendors to do, though, so the responsibility lies in the hands of the users.
To defend against Zeus-in-the-mobile -- or any malware that comes from app stores -- users should review every app and its details, especially permissions, prior to downloading, and only download known, legitimate apps. Trusteer also points out that if the smartphone had its software installed, this would have prevented the infection; using antimalware software on mobile devices can greatly cut down the chances of falling victim to a mobile malware attack.
Ask the Expert!
SearchSecurity expert Nick Lewis is ready to answer your enterprise threat questions -- submit them now! (All questions are anonymous.)
Dig Deeper on Malware, virus, Trojan and spyware protection and removal
Related Q&A from Nick Lewis
Researchers developed aIR-Jumper, an exploit that leverages lights within security cameras to extract data. Learn how this attack works and how to ... Continue Reading
The com.google.provision virus reportedly targets Android users, but little is known about it. Nick Lewis discusses the mystery threat and how Common... Continue Reading
A bug in Microsoft's Internet Explorer update exposes information that users enter into the browser's address bar. Learn more about the bug and URL ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.