double authentification process by mobile can now be replaced by a trojan

"iBanking is a malicious Android application that when installed on a mobile  phone is able to spy on its user’s communications. This bot has many interesting phone-specific capabilities, including capturing incoming and outgoing SMS messages, redirecting incoming voice calls, and even capturing audio using the device’s microphone. As reported by independent researcher Kafeine, this mobile application was for sale in underground forums and was used by several banking Trojans in an attempt to bypass a mobile two-factor authentication method put forth by some financial institutions. This method, usually called “mobile transaction authorization number” (mTAN) or mToken in the financial realm, is used by several banks throughout the world to authorize banking operations, but is now also increasingly used by popular internet services such as Gmail, Facebook and Twitter.
http://www.welivesecurity.com/2014/04/16/facebook-webinject-leads-to-ibanking-mobile-bot/

The malware makes in fact the double authentification by SMS unreliable for the simple reason that people by a social engineering trick have already given the malware all the necessary permissions to take over the identification process while starting a connection with mobile banking

In Belgium online banking is heavily promoted by the banks and it is called safe even if - for example - there is no CERT responsable for the wireless network

The comments are closed.