I’ll first point out that while this story has broken out, there has been no statement or confirmation from RIM regarding the matter. We all know that there are no known viruses that affect a BlackBerry device, aside of the spyware that exists that must be installed to the device to function. SAARC at Trend Micro has claimed researchers at the firm have been alerted to the finding of a ZeuS trojan that affects BlackBerry devices. Check it out…
So first, just in case you’re unfamiliar with the ZeuS trojan, I’ll give a brief description. The ZeuS trojan is a Man-In-The-Middle malware or MITMO. The first variant was discovered last year. Trend Micro has identified this variant that affects BlackBerry devices as BBOS_ZITMO.B. The malware installs, deletes itself from the list of applications so that users are not aware that they have been infected.
This trojan has originated in Poland and has becoming widespread in India. So what is the ZeuS trojan capable of?
- Display SMS: Unmonitored SMS will be treated as a normal SMS and will be displayed on the phone.
- Delete/Drop SMS: SMS from hacker will not be seen by the user.
- Forward SMS: Send SMS to hacker without the user’s knowledge.
- Block Calls
- Remove Block Calls
- Set Administrator: Register a new administrator.
- Add Sender
- Remove Sender
- Set Sender
- Block/Unblock Phone Numbers
The target of the malware? To capture and retrieve banking passwords.
This can be scary, but if you are careful you can keep your phone secure. There are a few anti-virus programs out there such as SmrtGuard and BullGuard. What can you do in the meantime aside of that? Remember to keep your device physically secured. Never leave your device unattended ever. Keep your software up to date, including OS, patches, and security app updates. Use strong passwords to protect your device. Disable any remote connectivity when you’re not using it, like Bluetooth or WiFi. Encrypt your files whether they are corporate or personal. Be careful from who and where you are installing your app from. Any app that out of the box is a risk, so be sure you know the value of the app. One last tip would be to be very cautious when using mobile banking.
I haven’t heard of the trojan hitting this side of the continent yet, but I have sent emails to BullGuard and SmrtGuard asking if their anti-virus detects the malware and whether it would detect it before installing or after. As soon as I receive an answer, I’ll be sure to post it. It’s wise to be aware what threats are out there and how to protect against it.