Select Page

The Symbian, Windows Mobile and Blackberry modules of the notorious Zeus malware toolkit (also known as ZBot) have been known about for some months, and it has been clear that Zeus gang was interested in developing malware for mobile platforms.

However, until now we have not seen any evidence of Zeus targeting users who own Android or iOS (iPhone/iPad) devices.

This fact was quite surprising to us, considering the popularity of the Android and iOS platforms and the growing prevalence of malware being written for the Google Android operating system in particular.

In the last couple of days, however, there has been quite a lot of discussion on the mobile malware analysis mailing lists about a version of a an Android version of Zeus.

We eventually concluded that this was a malicious application that Sophos products have been detecting as Andr/SMSRep-B since 31st May 2011.

The malicious application pretends to be an Android version of Trusteer Rapport banking security tool, and was served to devices running the Google Android OS by a web server which was set up to deliver Zbot malware to multiple platforms.

Read more: Naked Security