There are reports of fresh attacks by the well-known Trojan horse ZeuS on BlackBerry devices. BlackBerry has a special reputation as a secure platform, but the recent news damages that reputation. The problem deepens when we look at the infection mechanism of this malware: once installed, the Trojan becomes completely invisible, leaving no trail to track. ZeuS, also known as Zbot, is a Trojan horse that steals banking information by keystroke logging.
The South Asia director of Kaspersky Lab describes the present situation as follows:
“There has been a new wave of malware attack that has started affecting BlackBerry and it has originated from Poland. The aim is to extract banking passwords.”
Trend Micro, a security research firm, reported a Zeus Trojan specifically targeting BlackBerry devices. The virus records keystrokes while the user is using mobile banking and thus steals personal information such as passwords. Amit Nath, Trend Micro’s security manager in India and SAARC, explained the virus's mechanism. The Zeus Trojan “does not display any graphical user interface that can prompt users about the infection. Instead, it removes itself from the list of applications. The virus can view, delete and forward text messages, block calls, change the administrator on the device and block phone numbers. It allows the hacker to change the telephone number the device sends all the data to in the event that it gets shut down.”
This time the Trojan, specifically known as BBOS_ZITMO.B, waits to be installed. Once installed, it disappears, sends an “App Installed OK” message to a botnet administrator, and then takes control of the SMS function of the BlackBerry device. The device is now infected and the malware is ready to perform operations, which are commanded by the botnet administrator. The actual phone user remains completely unaware of these commands. If the virus is detected and kicked out, the administrator can hand over command privileges to a new administrator number with the Set Administrator command.
The malware can carry out the following commands:
- Hiding SMS messages and sending them to the administrator without the user's knowledge.
- Blocking calls.
- Switching the phone on or off remotely.
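Because the Trojan hides itself and the forwarded texts on the handset, the behaviour described above is easier to spot from outside the device. The following is an added detection sketch, not code from Trend Micro or the original article: it assumes a carrier- or gateway-side SMS log in a hypothetical tuple format, with constructed phone numbers and messages, and flags devices that send the “App Installed OK” message and then relay inbound texts to the same number.

```python
from collections import defaultdict

BEACON = "App Installed OK"  # install confirmation text quoted in the article
WINDOW = 120                 # assumption: max seconds between receipt and relay

# Constructed sample log: (epoch_seconds, device, direction, peer_number, body)
SAMPLE_LOG = [
    (1000, "dev-A", "out", "+10000000001", "App Installed OK"),
    (1500, "dev-A", "in",  "BANK",         "Your one-time banking code is 482913"),
    (1503, "dev-A", "out", "+10000000001", "Your one-time banking code is 482913"),
    (1600, "dev-A", "in",  "+10000000050", "Lunch at noon?"),
    (1700, "dev-A", "out", "+10000000050", "Sure"),
    (2000, "dev-B", "out", "+10000000002", "App Installed OK"),
    (2100, "dev-B", "in",  "BANK",         "Your one-time banking code is 771204"),
    (2400, "dev-C", "in",  "+10000000060", "Call me"),
]

def find_suspect_devices(events, window=WINDOW):
    """Return {device: {"admin_numbers": set, "relayed": [bodies]}} for flagged devices."""
    by_device = defaultdict(list)
    for ev in sorted(events):
        by_device[ev[1]].append(ev)

    findings = {}
    for device, evs in by_device.items():
        # Step 1: numbers that received the install beacon from this device.
        admins = {peer for _, _, d, peer, body in evs
                  if d == "out" and body.strip().lower() == BEACON.lower()}
        if not admins:
            continue
        # Step 2: inbound texts re-sent unchanged to one of those numbers soon after.
        relayed = []
        for t_in, _, d_in, _, body_in in evs:
            if d_in != "in":
                continue
            if any(d == "out" and peer in admins and body == body_in
                   and 0 <= t - t_in <= window
                   for t, _, d, peer, body in evs):
                relayed.append(body_in)
        findings[device] = {"admin_numbers": admins, "relayed": relayed}
    return findings

if __name__ == "__main__":
    for device, f in find_suspect_devices(SAMPLE_LOG).items():
        print(device, sorted(f["admin_numbers"]), f["relayed"])
```

A device with a beacon but no relayed messages (dev-B in the sample) is still worth reviewing, since the install confirmation alone indicates the Trojan reported in.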
How a secure platform like BlackBerry was cracked is not easy to say. Research in Motion has said nothing about the present scenario, but there is a strong chance that the cause of the security breach is the installation of out-of-the-box applications.
So be warned and take precautions while executing transactions and other banking operations through mobile phones, and do not forget to update the virus database of your antivirus.