2 min read

Europeans Lose $47 Million in Mobile Malware Attack

Bogdan BOTEZATU

December 07, 2012

Europeans Lose $47 Million in Mobile Malware Attack

Western-Europeans have lost 47 million dollars in only a few months, following a massive malware attack targeting both Windows computers and mobile users. According to a report issued by security software company CheckPoint, the group of cyber-criminals used a piece of malware called Eurograbber, an application that spun off the notorious Zeus banking Trojan.

The attack starts with a spammy message including a link. As the user clicks the malicious link, they are carried to an exploit page which installs the malware in the background. This piece of malware is then used by cyber-criminals to modify the HTML pages of the banks in real-time from within the browser as the user tries to log in.

The malware also injects another field in the login form that asks the user for the mobile number. If the mobile number is provided, the user would get a malicious message rigged with ZitMO, a mobile version of Zeus that lurks on the device and intercepts messages. ZitMO works on Android, BlackBerry and Windows Mobile phones.

In order to secure transactions, some banks approve transactions only after they have been confirmed. Shortly put, the bank would send a SMS message containing a unique code (mTAN or mobile Transaction Authorization Number) that the user needs to use in order to validate the transfer. Since the attackers had full control of both the browser and the user`s mobile phone, they could easily move funds from one account to another without any problems.

Online banking customers should make efforts to ensure their computer is current and to also conduct their online banking transactions from the most secure environment possible. A computer that is current in OS and application updates and security protections combined with an office network that is protected with multiple layers of security will provide the most protection against attacks like Eurograbber,“ concludes the report.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands
Graham CLULEY

July 23, 2021

3 min read
Homoglyph domains used in BEC scams shut down by Microsoft Homoglyph domains used in BEC scams shut down by Microsoft
Graham CLULEY

July 22, 2021

3 min read
China Sets Up New Worrying Vulnerability Disclosure Rules China Sets Up New Worrying Vulnerability Disclosure Rules
Silviu STAHIE

July 20, 2021

1 min read