Google Android smartphone users now have to watch for a new trojan that steals one-time banking passwords.
SC Magazine reports the Zeus trojan is a version of Zitmo, a mobile trojan application, that’s designed to steal mobile transaction authentication numbers (mTANs) in relation to banking transactions.
The malware disguised itself as the banking security app Rapport, made by Trusteer. If installed, the software captured incoming SMS messages and forwarded them to a remote server, where they could be picked up by hackers.
Trusteer discovered the spread of the malware in late May and early June and have taken the supporting servers offline.
While mTANs are used mostly by European banks as a second layer of security, the spread of this variant shows that attackers are attempting to break into dual-factor authentication, which could pose problems for other types of mobile banking platforms.
Read more here.