14 DAY TRIAL // Security researchers from Trend Micro have identified a ZeuS-in-the-Mobile (ZITMO) variant that specifically targets BlackBerry devices to steal SMS messages.
The trojan is part of the latest stream of ZeuS mobile components that try to tackle two-factor authentication systems implemented by banks.
In order to counter the high level of cyber fraud on their online banking sites, many banks now require that customers confirm every transaction with a code that is sent to their mobile phone.
The first ZeuS Man-in-the-Mobile (MITMO) malware was identified last year by researchers from S21sec.
Then, last month, a Polish security consultant warned about ZeuS mTAN-stealing malware targeting local banks.
Trend Micro detects the BlackBerry OS version as BBOS_ZITMO.B and says that once installed it hides itself from the list of applications to stay under the radar.
It then sends an SMS message back to the attacker to report the successful compromise and starts listening for commands.
Its functionality includes the ability to hide SMS messages received from the hacker, forward others without the user's knowledge, block calls, register a new administrator, add, remove and set senders and block/unblock phone numbers.
In case the phone number used by the attacker is shut down, they can issue a special SMS command from any number in order to change it.
"With the increased popularity of mobile banking goes the increase of mobile threats," says Patrick Estavillo, threats analyst at Trend Micro.
"Thus users are strongly advised to keep their mobile devices secure, and be cautious in installing applications and clicking links sent by unknown users, as they may lead to the download of malicious applications," he adds.
The researcher also notes that variants with similar functionality also exist for the Symbian and Windows Mobile operating systems.