Zeus-Android2.rar_Only_Zitmoapk_zeus_zeusZitmo资源-CSDN文库

共3个文件

txt：1个

pdf：1个

apk：1个

版权申诉

105 浏览量 2022-09-14 19:34:36 上传评论收藏 1.39MB RAR 举报

资源推荐

资源详情

资源评论

收起资源包目录

package

Zeus-Android2.rar （3个子文件）

folder

Zeus-Android

folder

Zeus-Android

ECBBCE17053D6EAF9BF9CB7C71D0AF8D.apk 19KB

info.txt 249B

shmoocon2011_zitmo-slides.pdf 1.55MB

Defeating mTANs for proﬁt

Axelle Apvrille, Kyle Yang

ShmooCon, January 2011

Summary

Overview of Zitmo

Why is Zitmo important?

Zeus background info

The attack - in a nutshell

Similarities with SMS Monitor

Reverse engineering

Conclusion

Defeating mTANs for proﬁt - A. Apvrille, K. Yang 2/23

Zitmo? ... what the fuss?!

In brief

•

Zeus In The MObile

•

Malware for Symbian

phones (OS > 9.0)

•

Intercepts mTANs =

one-time passwords sent

by SMS

•

Targetting Spanish online

banks

•

Propagated on PC by

Zeus botnet

•

ﬁrst case of use by organized

criminals

Defeating mTANs for proﬁt - A. Apvrille, K. Yang 3/23

Zeus (aka Zbot): background

•

It’s a crimeware kit, sold in the underground market

•

Designed to steal banking information

•

There are several Zeus botnets, not only one

What’s new for Zitmo’s propagation?

•

Not ’much’, because fully conﬁgurable

•

Uses a diﬀerent RC4 key to decrypt the conﬁguration ﬁle

•

Targets Spanish banks, injects Javascript into those URLs

Defeating mTANs for proﬁt - A. Apvrille, K. Yang 4/23

Zitmo in a nutshell

Bank

ZeuS

botnet

Infected Victim

Browser

injection

SMS

interception

1

2

4

Infecting

victim's

mobile

phone

3

Defeating mTANs for proﬁt - A. Apvrille, K. Yang 5/23

内容反馈

版权申诉

四散

粉丝: 48
资源: 1万+

最新资源

资源上传下载、课程学习等过程中有任何疑问或建议，欢迎提出宝贵意见哦~我们会及时处理！点击此处反馈

feedback-tip