Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Malware targets Android multi-factor authentication

Dell : 05 April, 2013  (Technical Article)
Dell has discovered the Stel trojan which is targeting Android users to steal text messages containing transaction authentication numbers
Malware targets Android multi-factor authentication

Dell SecureWorks Counter Threat Unit (CTU) has discovered a new Android Trojan Horse called Stels. One of its main purposes is to steal text messages; these messages may include Mobile Transaction Authentication Numbers (mTAN Numbers) used in Two-Factor Authentication for Mobile and Wire Bank Transfers. The Stels malware can also harvest a victim's contact list, send and intercept Text Messages, makes phone calls (including calls to Premium, expensive numbers), and install additional malware packages.

The Android malware is being spread via spam campaigns using malicious emails pretending to be from the Internal Revenue Service (IRS) via the Cutwail Botnet. The spam usually entices users into clicking on links that redirect to the infamous Blackhole exploit kit, which looks for holes/vulnerabilities, in the users' web browsers and plugins on the Windows operating system. However, because the Blackhole exploit kit is currently unable to exploit an Android device, the attackers are using a fake Adobe Flash Player update to trick victims into downloading and executing the Android Trojan.

As of last week, Dell SecureWorks ran it through 10 of the Major Mobile AntiVirus Programs for Android  and there was 0 detection. The company also ran it through 44 antivirus product in VirusTotal on March 12 and there was 0 detection.

How to Protect from the Stels Android Trojan

* Do not allow installation of applications that are not distributed through the official Google Play marketplace on the device.
* Prior to installing applications on an Android device, be wary of the application-level permissions an application requests.
* Be critical of applications that request sensitive permissions such as INTERNET and READ_LOGS.
* Educate end users on the threats posed by attachments and links contained in SMS, EMAILS, and INSTANT MESSAGES.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo