Mitmo Smartphone Malware

Internet Revoultion is reporting a new strain of the infamous ZeuS banking malware.  “Mitmo,” is injected as a rootkit on the victim’s smartphone via an SMS message that prompts the user to download a bogus app.  Once installed, the malware can modify the appeareance of the bank’s mobile Website, snatch the client’s login and password, and from then on, the infected smartphone monitors all incoming SMS messages, redirecting any bank SMS or mTan (mobile Transaction Authentication Number) back to a ZeuS bot herder.

This week saw the first notable appearance of “man-in-the-mobile” combined malware and iBot attacks in Poland, where ING Bank customers had their smartphone authentication numbers hijacked.

Definitiely worth reading this article, and the comments regarding the lack of asmartphone anti-virus protection.  I’m quite surprised that as this market has grown enormously (302 million phones in play in 2010) and quickly, there is a lack of product from the major vendors.  Expect to see some of the recent start-ups getting bought by the big boyz shortly.