Zeus Trojan Hits Blackberry Devices

Soulskill posted about a year and a half ago | from the kick-'em-when-they're-down dept.

Blackberry 37

wiredmikey writes "Despite its significant user base within enterprises, BlackBerry devices have managed to stay off the radar for malware writers. That may be ending, as four new Zeus-in-the-mobile (Zitmo) samples targeting BlackBerry users in Germany, Spain, and Italy have been found. Zitmo, which hit Android devices back in July 2011, refers to a version of the Zeus malware that specifically targets mobile devices. Denis Maslennikov, a security researcher at Kaspersky Lab, also identified a new Zitmo variant for Android using the same command and control (C&C) numbers as the BlackBerry versions. While previous Android variants have been primitive, the latest .apk dropper, which shows up as an app 'Zertifikat,' looks 'more similar to "classic" Zitmo,' he said. When executed, it displays a message in German that the installation was successful, along with an activation code. The Android sample also included a self-issued certificate that indicates it was developed less than a month ago."

37 comments

bad headline (5, Funny)

Anonymous Coward | about a year and a half ago | (#40920813)

better headline: "Zeus SMITES Blackberry Devices"

Re:bad headline (0)

Anonymous Coward | about a year and a half ago | (#40920863)

Well done, AC... I laughed. And frist prost too?

HAHAI THOGUT MACS DONT GET VIRIIIII LAWL (0, Funny)

Anonymous Coward | about a year and a half ago | (#40920853)

oh wait this has nothing to do with apple.

Re:HAHAI THOGUT MACS DONT GET VIRIIIII LAWL (0)

Anonymous Coward | about a year and a half ago | (#40921115)

No, but it's similar.

For a long time, people kept saying that, because RIM or Apple and others have such a small share of the market, it's not worth it for the malware developers to target them.
It's funny, though, that 1% from back then doesn't even compare to today's 1%.

Re:HAHAI THOGUT MACS DONT GET VIRIIIII LAWL (0)

Anonymous Coward | about a year and a half ago | (#40921261)

And RIM is more likely to be used by "the 1%"

Re:HAHAI THOGUT MACS DONT GET VIRIIIII LAWL (1)

Fjandr (66656) | about a year and a half ago | (#40925805)

That might have been true had RIM not had the largest share of the smartphone market for most of the time the smartphone market has existed.

Let's not let actual facts get in the way of a meritless argument that sounds good though.

What is that sound? (0)

Anonymous Coward | about a year and a half ago | (#40920873)

It's the sound of another nail in RIMM's coffin.

Movie title idea (5, Funny)

benjfowler (239527) | about a year and a half ago | (#40920933)

'The RIM Job'

Re:Movie title idea (0)

Anonymous Coward | about a year and a half ago | (#40921153)

'The RIM Job'

I expect that is a franchise well into high numbered sequels and that the fans would be quite upset over the radical departure from the existing story line. Strangely their anger would produce less violent shaking of their fists.

Re:Movie title idea (0)

Anonymous Coward | about a year and a half ago | (#40921673)

I had a dog named Odd Job.

Palm was visionary (0)

Anonymous Coward | about a year and a half ago | (#40920943)

One more reason to try WebOS, it's not too late!

Re:Palm was visionary (0)

Anonymous Coward | about a year and a half ago | (#40923621)

One more reason to try WebOS

(No it's not)

, it's not too late!

(Yes it is)

Proof RIMM falls behind (0)

Anonymous Coward | about a year and a half ago | (#40920983)

This just proves RIMM falls behind all the competition. Even a virus like the ZEUS Trojan attacks iPhone or Android first. Blackberry comes last, poor RIMM

Not Possible (2, Funny)

captaindomon (870655) | about a year and a half ago | (#40921087)

Not possible. Blackberries are the most secure mobile devices on the planet. The reason people don't appreciate them is because they are only for highly secure corporations and governments. Right? Riiiiiiiight?

Re:Not Possible (4, Informative)

afidel (530433) | about a year and a half ago | (#40921191)

Uh, this software isn't going to get onto a blackberry device with BES lockdown policies, only onto unlocked devices where the user takes some action to install it (most likely bundled with some free game, as I doubt drive-by downloading is worth the effort for the low penetration numbers unless it's a spear-phishing attack).

Re:Not Possible (0)

Anonymous Coward | about a year and a half ago | (#40928269)

As a fan of both BB and BES, I feel compelled to point out that relatively few enterprises can enforce such strict BES policies these days, given the move toward BYOD.

Re:Not Possible (0)

Anonymous Coward | about a year and a half ago | (#40921631)

Not possible. Blackberries are the most secure mobile devices on the planet. The reason people don't appreciate them is because they are only for highly secure corporations and governments. Right? Riiiiiiiight?

Blackberries allow the owner to install applications from any source. Blackberries also allow the owner to UNinstall applications.

A few years back, the government-owned phone company in the United Arab Emirates notified blackberry users that a new firmware was available. Many users downloaded & installed the new firmware.

Well, it wasn't firmware, it was spyware:

http://www.engadget.com/2009/07/21/etisalat-blackberry-update-was-indeed-spyware-rim-provides-a-so/
http://news.bbc.co.uk/2/hi/technology/8161190.stm
http://www.arabianbusiness.com/etisalat-accused-in-surveillance-patch-fiasco-15698.html?tab=Article

Fixing the issue was very easy - just uninstall the spyware program.

And if you had your blackberry permissions set correctly, you would have been asked if you want to allow the new application to access your email, and connect to the internet (which is very suspicious).

Just stop. (4, Insightful)

thePowerOfGrayskull (905905) | about a year and a half ago | (#40921371)

It's probably worth noting that these need to be manually downloaded and installed external to BB's app world - unlike the examples that have turned up for iOS in the appstore and in the market for android. If this was seen in the wild, that means users had to go out of their way to install it, and approve the permissions it requested.

Most importantly: Under BES you can lock down the devices to completely prevent installation of external/unapproved apps.

Re:Just stop. (0)

Anonymous Coward | about a year and a half ago | (#40921775)

Exactly. It's a non-threat. The fine-grained security model makes it extremely difficult for sneaky apps like this to do anything harmful, unlike other platforms.

Re:Just stop. (0)

Anonymous Coward | about a year and a half ago | (#40924211)

Most importantly: Under BES you can lock down the devices to completely prevent installation of external/unapproved apps.

More than that, a BES can globally deny access to specific app permissions (like "internet access", or "address book") for all but specifically approved apps.
So, go ahead, install the malware - it isn't going anywhere, and it can't do anything.

Malware hits BlackBerry devices? (1)

dgharmon (2564621) | about a year and a half ago | (#40921409)

What steps do the end users have to take for this malware to end up on their BlackBerrys? Do they have to visit a malicious website, open a malicious email attachment, enter an admin password? If so, isn't this the case of end users downloading and installing software from dubious sources? As such there is no known cure for end-user-stupidity ...

Re:Malware hits BlackBerry devices? (0)

Anonymous Coward | about a year and a half ago | (#40921525)

If so, isn't this the case of end users downloading and installing software from dubious sources?

Yes.

As such there is no known cure for end-user-stupidity ..

Well, there is a cure for end-user stupidity.

With a blackberry enterprise server, a company can block users from installing unapproved apps.

With a blackberry enterprise server, a company could allow unapproved apps, but prevent unapproved apps from accessing company data on the blackberry.

With a blackberry enterprise server, a company could allow unapproved apps, but prevent unapproved apps from making network connections.

Re:Malware hits BlackBerry devices? (0)

Anonymous Coward | about a year and a half ago | (#40922269)

So, a $50,000 solution will fix end-user stupidity. Good to know.

Re:Malware hits BlackBerry devices? (1)

acoustix (123925) | about a year and a half ago | (#40922995)

BES express is free. And I'm pretty sure that your $50,000 scenario is only valid for large BB customers with over 1,000 handsets. Which, in that scenario makes $50,000 rather cheap.

Re:Malware hits BlackBerry devices? (1, Insightful)

Krneki (1192201) | about a year and a half ago | (#40921543)

Can't be arsed to check the article but I guess it would be through web browsing or installing the application.

Anyway, we are safe, the web browser on BB sucks so much no one is using it and the apps are so shitty not one is worth your time to install for free, let alone pay for it.

Still, I didn't trade my free BB for a free android (comes with the job), since android devices would need a clean format before I'd dare to use it. oh, and wouldn't touch Apple with a pole, cuz I just hate corporate policy to lock the user.

Re:Malware hits BlackBerry devices? (0)

Anonymous Coward | about a year and a half ago | (#40922417)

You'll use a Blackberry but won't use an Apple device...because of user locking policy.

Mind asploded.

Re:Malware hits BlackBerry devices? (0)

Anonymous Coward | about a year and a half ago | (#40922623)

Lol, that "shitty" browser is one of the best on the market. It's not 2006 any more. Try to keep up.

Re:Malware hits BlackBerry devices? (1)

Lehk228 (705449) | about a year and a half ago | (#40924143)

they must manually install it. blackberry can install an app from the web as a link, so manually installing would be easier than doing so on android or ios, but it requires user permission and will have to get permissions approved to access anything and will show up in applications list to be removed at any time by the user.

Re:Malware hits BlackBerry devices? (0)

Anonymous Coward | about a year and a half ago | (#40926391)

So... The user has to install the app from a shady source, give it access to user data, then give it access to the internet. Oh, and the phone can't be on a minimally secured BES server.

Fuck, they'd have better luck just asking users to email them their banking information!

Re:Malware hits BlackBerry devices? (1)

Lehk228 (705449) | about a year and a half ago | (#40953601)

technically 2 and 3 can be combined as a request for "trusted application status" but yea.

FIrST. (-1)

Anonymous Coward | about a year and a half ago | (#40923081)

aashole about.' One OS don't fear the and coomittees 'I have to kill go find something You don't need to Romeo and Juliet declined in market sales and so on, hobby. It was all ASSOCIATION OF Satan's Dick And move forward, users. Surprise OVER TO YET ANOTHER Under the GPL. was in the tea I little-known Tossers, went out

Ready for the next step (1)

manu0601 (2221348) | about a year and a half ago | (#40926245)

We are now ready for the next step I have been awaiting for years: cross-platform worms that can jump back and forth between Windows PC and mobiles, using WiFi and bluetooth. That will be delightful.