Carberp-in-the-Mobile

From Botnets.fr
Revision as of 18:57, 7 February 2015 by Eric.freyssinet (talk | contribs) (Text replacement - " www.securelist.com" to "")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

(Publication) Google search: [1]

Carberp-in-the-Mobile
Botnet Carberp
Malware Citmo
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2012 / 2012-12-14
Editor/Conference Kaspersky lab
Link http://www.securelist.com/en/blog/208194045/Carberp in the Mobile (Archive copy)
Author Denis Maslennikov
Type

Abstract

We previously wrote several times about Man-in-the-Mobile attacks which aim to steal mTANs sent via SMS. For a long time, only two families of such malware have been known: ZeuS-in-the-Mobile (ZitMo) and SpyEye-in-the-Mobile (SpitMo). ZitMo and SpitMo work together with their Windows ‘brothers’. Actually, without them, they would look like trivial SMS spy Trojans. It is necessary to mention that during the last two years such attacks have been observed only in some European countries like Spain, Italy, Germany, Poland and few others.

But when the mobile version of Carberp Trojan appeared (we detect it as Trojan-Spy.AndroidOS.Citmo, Carberp-in-the-Mobile) such attacks became real in Russia as well. There is no secret that online banking is becoming more and more popular in Russia; and banks are very active in promoting online banking with various authorization methods.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1264,
   editor = {Kaspersky lab},
   author = {Denis Maslennikov},
   title = {Carberp-in-the-Mobile},
   date = {14},
   month = Dec,
   year = {2012},
   howpublished = {\url{http://www.securelist.com/en/blog/208194045/Carberp_in_the_Mobile}},
 }