Android Trojan attacks SMS smartphone bank security
Security company Trusteer is warning about an Android Trojan that is being distributed by criminals to beat the SMS smartphone authentication systems employed by European banks to verify money transfers.
Man-in-the middle (MitM) attacks on 2FA technology via mobiles started around a year ago based on the simple observation that the apparent strength of SMS verification is also its weakness if hackers are able to compromise the handset itself.
The SMS one-time passcode or transaction PIN looks like a way of shutting out online bank fraudsters who have gained access to a user's online account so criminals have devoted time to working out how to intercept that code. Trusteer has now seen the first mobile attacks based on the recent 'Tatanga' Trojan, as well as new configurations of the infamous SpyEye Trojan it has named 'SPITMO' (SpyEye in the mobile).
- Tue, 2013-04-23 06:38
- Tue, 2013-04-02 06:02
- Thu, 2012-11-08 00:42