Breaking news from Poland today: A variant of the ZeuS trojan is targeting the mobile phone based, two-factor authentication used by ING Bank Slaski (Polish ING Bank).
Security consultant and blogger, Piotr Konieczny has details on his blog, Niebezpiecznik.
From the details that F-Secure gathered so far, this appears to be the same type of ZeuS Man-in-the-mobile attack that took place in Spain last year. Spanish security company, S21sec first reported on ZeuS Mitmo here.
ZeuS Mitmo is designed to steal mTANs, and computers infected with a ZeuS Mitmo trojan will inject a "security notification" into the Web banking process, attempting to lure the user into providing their phone number. If a phone number is provided, the user will receive an SMS link pointing to the mobile component, ZeusMitmo.A.
More details - link
Security consultant and blogger, Piotr Konieczny has details on his blog, Niebezpiecznik.
From the details that F-Secure gathered so far, this appears to be the same type of ZeuS Man-in-the-mobile attack that took place in Spain last year. Spanish security company, S21sec first reported on ZeuS Mitmo here.
ZeuS Mitmo is designed to steal mTANs, and computers infected with a ZeuS Mitmo trojan will inject a "security notification" into the Web banking process, attempting to lure the user into providing their phone number. If a phone number is provided, the user will receive an SMS link pointing to the mobile component, ZeusMitmo.A.
More details - link
