SIM-ple: mobile handsets are weak link in latest online banking fraud scheme

From Botnets.fr

Botnet: Gozi, ZeuS, SpyEye
Date: 2012 / 13 March 2012
Editor/Conference: Trusteer
Link: http://www.trusteer.com/blog/sim-ple-mobile-handsets-are-weak-link-latest-online-banking-fraud-scheme (Archive copy)
Author: Amit Klein

Abstract

We recently uncovered two online banking fraud schemes designed to defeat one-time password (OTP) authorization systems used by many banks. Unlike a previous attack we discussed that involved changing the victim’s mobile number to redirect OTPs to the fraudster’s phone, in these new scams the criminals are stealing the actual mobile device SIM (subscriber identity module) card.

In the first attack, the Gozi Trojan is used to steal IMEI (international mobile equipment identity) numbers from account holders when they log in to their online banking application. The bank is using an OTP system to authorize large transactions. Once they have acquired the IMEI number, the criminals contact the victim’s wireless service provider, report the mobile device as lost or stolen, and request a new SIM card. With this new SIM card, all OTPs intended for the victim’s phone are sent to the fraudster-controlled device.

Bibtex

 @misc{2012BFR939,
   editor = {Trusteer},
   author = {Amit Klein},
   title = {SIM-ple: mobile handsets are weak link in latest online banking fraud scheme},
   date = {14},
   month = Mar,
   year = {2012},
   howpublished = {\url{http://www.trusteer.com/blog/sim-ple-mobile-handsets-are-weak-link-latest-online-banking-fraud-scheme}},
 }