ZeuS Mitmo ?

[Rome0]

ZeuS Mitmo, a variant of ZeuS crimeware, has started attacking clients of ING in Poland by targeting the two-step authentication process used by the bank.
The attack has two components, first the user’s PC is infected with the ZeuS malware which adds a legitimate looking field to ING’s web page. This extra field asks the user for their phone number. Once entered the user receives a fake SMS from the bank with a link to the mobile part of the attack. Once installed the mobile malware forwards the real authentication messages from the bank (used during login) to another phone.
Now armed with the user name and password (from the infected PC) and the authentication code SMS from the infected phone, the attacker can login to the victims online banking service.
This isn’t the first time this type of attack has been launched against online banking systems which use SMS messages for authentication. A similar ZeuS Man-in-the-mobile attack was reported in Spain last year.
Apple is often criticized for the amount of control it has over its app store, but this is one example of how being able to freely install apps from anywhere can lead to disastrous consequences.

Recently i have found this info about zeus to infect Mobile phone to execute and scam "security sms code " used to execute bank transfer ,
but i not found any info about this add-on for zeus botnet .

any comment on that ? thanks

 

[Ninja]

You wont find "addon".
coz zeus in its PUBLIC version become crap.

And i suppose version u mentioned - rewrited version of it, based on sources which was widely available.

 

[Rome0]

Thanks ninja .
Yes as i heard , is it coded to infect mobile number from ZS victim already captured by trojan by using "social infect aslike facebook & twitter " who are already installed on 3G phone .

Maybe is it time to Mr Gribo to develloped that into Spyeye

Thanks Ninja for u r very fast reply on my question