The Zeus trojan horse, also known as Zbot, is a botnet that steals user information through phishing schemes and keystroke logging. It was first discovered in 2007 and has targeted the customers from banks, cellular providers, social media outlets, online retailers and beyond. It is believed that Zeus has compromised millions of computers around the world including over three and half million in the US alone.
Zeus has reemerged in Poland with a variant called Mitmo, which is short for Man-in-the-Mobile, which targets users home computers and smartphones.
The attack is launched in two stages. The first stage comes when accessing a bank site from the home computer. The Zeus Mitmo trojan horse will give a security notification and ask that user provide their mobile phone number under the pretense of a two-factor authentication process. The second stage is initiated by an SMS link sent to the mobile phone which when clicked will infect the phone with the ZeusMitmo.A version of the malware.
Mitmo is then able to access all information going in and out of the phone, including legit SMS messages coming from the banking portal to provide new login information. This provides access and passwords to the users bank accounts which could result in fraud and identity theft. Currently Mitmo has been found only in parts of Europe and have been specifically tailored to work on a couple of smartphones, including the BlackBerry. However there is growing concern about the potential growth of this kind of attack.
As people increasingly use their home computers to sync and store more information on their mobile devices, these threats will continue to multiply and advance. Using up-to-date virus and malware protection can help spot these attacks before they compromise computer systems and smartphones.