A new form of the infamous Zeus banking Trojan has been uncovered targeting Research in Motion’s (RIM) BlackBerry devices, according to Kaspersky Lab.
The Kaspersky researchers reported finding several new samples of the Zitmo (Zeus in the mobile), one of which was targeting the BlackBerry platform, on Tuesday.
The Zitmo variant has reportedly been operating for at least two years targeting Android phones by masquerading as banking security application or security add-on.
Previously the BlackBerry ecosystem has not been a common target for attackers, despite its ties to several high-profile government and financial institutions.
This is largely due to BlackBerry devices running on RIM’s corporate servers with strong security, which includes a number of features like file encryption, password security and remote wipe powers.
The new Zeus variant shares its predecessor’s goal and is mainly designed to steal online banking credentials from users.
The new version targeting BlackBerry devices reportedly does this by forwarding incoming SMS messages to the command and control device operated by the criminals.
The tactic is designed to help the criminals circumvent the out-of-band authentication systems used by many European banks, by hijacking the one-time password authentication password sent via SMS.
The Zeus variants discovery comes amid widespread reports from security vendors that mobile malware levels are booming.
The majority of the attacks are reported to be targeting the Android ecosystem, a pattern that will likely continue in the near future, according to security firm Trend Micro, which published its own threat report in July.