Kaspersky Lab researchers say they have detected five new variants of a mobile trojan known as ZitMo, four of which target BlackBerry devices, which typically have gone untouched by hackers.
ZitMo, which stands for "Zeus in the mobile," first appeared roughly two years ago. It is designed to steal mobile transaction authentication numbers (mTANs), or one-time passwords, that some banks, mostly in Europe, send via SMS message to mobile users as an additional layer of security.
In the past, the malware has posed as a legitimate banking security application. Once installed, the bogus app intercepts all incoming SMS messages and forwards them to a remote server.
The latest samples are targeting users in Germany, Spain and Italy, said Denis Maslennikov, a Kaspersky senior malware analyst, in a blog post Tuesday.
The BlackBerry samples are masqueraded as .cod and .jar files, while the Android strain hides itself as a security app, he said.
This article originally appeared at scmagazineus.com
Copyright © SC Magazine, US edition
Issue: 345 | December 2015