Slashdot Mirror

← Back to Stories (view on slashdot.org)

Zeus Trojan Hits Blackberry Devices

Posted by Soulskill on from the kick-'em-when-they're-down dept.

wiredmikey writes "Despite its significant user base within enterprises, BlackBerry devices have managed to stay off the radar for malware writers. That may be ending, as four new Zeus-in-the-mobile (Zitmo) samples targeting BlackBerry users in Germany, Spain, and Italy have been found. Zitmo, which hit Android devices back in July 2011, refers to a version of the Zeus malware that specifically targets mobile devices. Denis Maslennikov, a security researcher at Kaspersky Lab, also identified a new Zitmo variant for Android using the same command and control (C&C) numbers as the BlackBerry versions. While previous Android variants have been primitive, the latest .apk dropper, which shows up as an app 'Zertifikat,' looks 'more similar to "classic" Zitmo,' he said. When executed, it displays a message in German that the installation was successful, along with an activation code. The Android sample also included a self-issued certificate that indicates it was developed less than a month ago."

6 of 37 comments (clear)

  1. bad headline by Anonymous Coward · · Score: 5, Funny

    better headline: "Zeus SMITES Blackberry Devices"

  2. Movie title idea by benjfowler · · Score: 5, Funny

    'The RIM Job'

  3. Not Possible by captaindomon · · Score: 2, Funny

    Not possible. Blackberries are the most secure mobile devices on the planet. The reason people don't appreciate them is because they are only for highly secure corporations and governments. Right? Riiiiiiiight?

    --
    Just because I can hook a shark from a boat, I do no offer to wrestle it in the water.
    1. Re:Not Possible by afidel · · Score: 4, Informative

      Uh, this software isn't going to get onto a blackberry device with BES lockdown policies, only onto unlocked devices where the user takes some action to install it (most likely bundled with some free game as I doubt drive by downloading is worth the effort for the low penetration numbers unless it's a spearfishing attack).

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  4. Just stop. by thePowerOfGrayskull · · Score: 4, Insightful

    It's probably worth noting that these need to be manually downloaded and installed external to BB's app world - unlike the examples that have turned up for iOS in the appstore and in the market for android. If this was seen in the wild, that means users had to go out of their way to install it, and approve the permissions it requested.

    Most importantly: Under BES you can lock down the devices to completely prevent installation of external/unapproved apps.

  5. Good news for RIM by maccodemonkey · · Score: 4, Funny

    I bet RIM is ecstatic. Someone is still writing Blackberry software!