Botnet steals more than $37 Million by infecting PC and Smartphones
Roshan Ashraf Shaikh / 12 years ago
A new version of Zeus Trojan has been used in over 30,000 attacks in Europe infecting computers and smartphones. The attack is designed to circumvent the 2-factor authentication by intercepting messages sent by back to the infected mobile phone.
It does sound very scary as it defeats the purposes of having such authentication method in banks.
The Botnet is called “Eurograbber” and it was first detected in Italy early this year and its responsible for more than $47 Million in transfers from victim’s bank accounts, stealing amounts between $ 650 to even as high as $ 32,000.
The starts when a victim link on a malicious link which redirects them to a site that attempts to download Trojans. The Trojan then captures the account’s credentials and launches a JavaScript that spoofs as a request for software upgrade to prevent their mobile device from being attacked.
The Trojan is crafted for Android and BlackBerry mobile OS that injects itself on the phone in the browser and SMS messaging software. It then wants for the victim to access a bank account and then immediately transfers a percentage of victim’s balance to another account set by the criminal behind this type of attack.
Checkpoint and Versafe have added signature and behaviour detection to block Eurograbber.
Source: Ars Technica