Zeus Malware Turns To Smite BlackBerry Users

Mobile versions of the Zeus malware have been spotted targeting BlackBerry users in earnest, with four different samples discovered by security firm Kaspersky Labs.

Although this is not the first time BlackBerry owners have been targeted by Zeus, it is rare for them to be targeted by any threats at all, due to the quality of their security in comparison to other phones.

Given the declining popularity of the RIM devices, the findings were even more surprising, as hackers tend to go for the most used operating systems in mobile attacks, hence why Android is such a big target.

The first time Zeus was seen targeting RIM was back in 2010, TechWeekEurope was told by Kaspersky Lab expert Denis Maslennikov.

Doubling up

Fresh versions of ZitMo, or ZeuS-in-the-Mobile, were seen targeting BlackBerry and Android users across Europe, attempting to steal users’ banking data and their money, although the UK users appear to be free from harm.

ZitMo gets hold of banking information by intercepting all text messages and passing them on to attackers’ own devices. It gets onto devices inside malicious applications, which users are duped into downloading. In this case, the malicious app was posing as security software called ‘Zertifikat’.

Kaspersky found mobile users in Spain, Italy and Germany were targeted by these fresh variants, with two command and control (C&C) numbers found on Sweden’s Tele2 operator.

“The analysis of new Blackberry ZitMo files showed that there are no major changes. Virus writers finally fixed grammar mistake in the ‘App Instaled [sic] OK’’ phrase, which is sent via SMS to C&C cell phone number when smartphone has been infected,” Maslennikov said in a blog post.

“Instead of ‘BLOCK ON’’ or ‘BLOCK OFF’’ commands (blocking or unblocking all incoming and outgoing calls) now there are ‘BLOCK’’ and ‘UNBLOCK’’ commands. Other commands which are received via SMS remain the same.”

Earlier this year, Kaspersky warned of a set of malicious Android applications posing as security software. Zeus was sitting behind those apps, ready to siphon off text messages.

Are you a security guru? Try our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

19 hours ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

19 hours ago

US Supreme Court Agrees To Hear TikTok Appeal

US Supreme Court says it will hear appeal of TikTok and parent ByteDance against ban…

20 hours ago

Japanese Space Start-Up Destroys Second Rocket After Launch

Japanese start-up Space One destroys Kairos rocket for second time shortly after launch, as country…

20 hours ago

CATL Aims To Massively Expand EV Battery-Swap Infrastructure

World's biggest EV battery maker CATL aims to build 1,000 battery-swap stations next year, rising…

21 hours ago

Facebook ‘Restricted’ Palestinian News Content

Facebook has 'severely restricted' news content from Palestinian outlets since October 2023 amidst bias concerns,…

21 hours ago