Saturday, November 18, 2017
Home / Mobile / Malware / New banking Trojan hits Islamic Mobile Bank users

New banking Trojan hits Islamic Mobile Bank users

IntelCrawler, a cyber intelligence firm identified a sizable fraud campaign targeting large Islamic financial institutions. The attackers used a substantial mobile botnet with more than 27,000 intercepted SMS-messages were discovered between April 2013 and Feb 2014, which puts many smartphone banking customers at an increased risk.

The experts discovered the malware which often infected the cellular devices of banking customers to affect two factor authentication components integrated through the banking institutions. The malicious code, as with any similar banking Trojan, has the ability to intercept one time passwords (OTP) utilized to verify user’s transactions and are sent to the bot’s command and control servers which have implemented several kinds of encrypted notifications, which includes alerts through Jabber.

The attackers cloned  many legitimate mobile banking apps used inthe Middle East banking institutions.

0fcfde6483e8832a154b267ccf52414b

IntelCrawler has dubbed the banking trojan “mtoken-user7903.com”, the domain employed for the attacks was made on 5th February combined with the number of very similar domains such as “mtoken-user1034.com”, “mtoken-user3110.com”, “mtoken-user4901.com”, “mtoken-user7230.com”.

The Telecommunications Regulatory Authority (TRA) verified the fact that the amount of attacks is growing rapidly within the last three years, from 8,400 in 2010 up to 530,000 within the first quarter. TRA also disclosed to have detected over half a million cyber attacks on UAE computer users in the first three months of 2013 year.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Silent OS 3.0 for Blackphone Completely revamped

Version 3.0 migrates Silent OS to Android Marshmallow 6.0.1 and delivers the Android safety patch …