Android malware pairs man-in-the-middle with remote-controlled banking trojan
Android malware pairs man-in-the-middle with remote-controlled banking trojan | |
---|---|
Botnet | FakeToken |
Date | 2012 / 14 March 2012 |
Editor/Conference | McAfee Labs |
Link | http://blogs.mcafee.com/mcafee-labs/android-malware-pairs-man-in-the-middle-with-remote-controlled-banking-trojan (Archive copy) |
Author | Carlos Castillo |
Abstract
“Based on the Android malware that we’ve seen so far, one of the principal motivations to develop and spread malware on Android is to gain financial profit. We often see deceptive applications that send SMS messages to premium-rate numbers without the user’s consent or that run man-in-the-middle attacks to forward SMS messages to an attacker with a user’s mTANs (Mobile Transaction Numbers). In the latter case, the attacker uses the information to defeat the two-factor authentication security scheme used by several banks and financial entities around the world. Examples of this last type of threat are the well-known Trojan bankers ZeuS and SpyEye, which includes in the latest versions of its PC malware a new module that targets Android. In general, those malicious applications are not complex compared with more sophisticated threats. However, the situation may have changed: With the recent discovery of a new Android malware that has the man-in-the-middle functionality but, unlike ZeuS and SpyEye, also can be controlled remotely and can grab the initial password from a mobile device without infecting the user’s PC.”
Bibtex
@misc{2012BFR938,
  editor = {McAfee Labs},
  author = {Carlos Castillo},
  title = {Android malware pairs man-in-the-middle with remote-controlled banking trojan},
  date = {15},
  month = Mar,
  year = {2012},
  howpublished = {\url{http://blogs.mcafee.com/mcafee-labs/android-malware-pairs-man-in-the-middle-with-remote-controlled-banking-trojan}},
}