Zitmo Growing More Sophisticated, Prevalent in Android

From July to September this year, there’s been an uptick in Zitmo (or Zeus-in-the-Mobile) mobile banking malware according to research revealed this week by network security firm FortiGuard Labs.

From July to September this year, there’s been an uptick in Zitmo (or Zeus-in-the-Mobile) mobile banking malware according to research revealed this week by network security firm FortiGuard Labs.

Researchers argue that iterations of the malware variant that have come to Blackberry and Android phones as of late have led to new versions in Europe and Asia, suggesting the malware may have morphed into a botnet.

“While we’re detecting only a few instances of the malware in those regions, it’s leading us to believe the code is currently being tested by its authors or deployed for very specific, targeted attacks,” Guillaume Lovet, a senior manager of the FortiGuard Labs’ Threat Response Team, said on Monday. (.PDF)

While Zitmo surfaced on Blackberry smartphones earlier this year, it’s always seemed to thrive on Android devices. A series of Android applications disguised as “Android Security Suite Premium” in June spread the malware, stealing users’ incoming SMS messages and rerouting them to the command and control center of attackers.

Fortinet was one of the first security firms to learn more about Zitmo when it found the banking Trojan invading Android phones and intercepting two factor security systems in 2011. Variations of the malware hit Windows Mobile devices that year as well.

Suggested articles

Cyberattackers Put the Pedal to the Medal: Podcast

Fortinet’s Derek Manky discusses the exponential increase in the speed that attackers weaponize fresh vulnerabilities, where botnets and offensive automation fit in, and the ramifications for security teams.