Defeating mTANs for profit

Malware on mobile phones has existed for several years, but until recently it had not been used for organized crime involving large amounts of money. This changed in September 2010 when the infamous Zeus gang, known for targeting online banking, started to show a clear interest in infecting mobile phones and released a new version of their bot to propagate a trojan for mobile phones. In this two-part article we will present an in-depth reverse engineering of the mobile phone trojan, show how to reroute stolen SMS messages to a test phone, and explain how to display hidden windows of the trojan.


Malware on mobile phones has existed for several years, but until recently it had not been used for organized crime involving large amounts of money. This changed in September 2010 when the infamous Zeus gang, known for targeting online banking, started to show a clear interest in infecting mobile phones and released a new version of their bot to propagate a trojan for mobile phones. In this two-part article we will present an in-depth reverse engineering of the mobile phone trojan, show how to reroute stolen SMS messages to a test phone, and explain how to display hidden windows of the trojan.

References

Virus Bulletin Magazine, March 2011 Virus Bulletin Magazine, April 2011