Researchers have found a new, highly sophisticated attack hitting Swiss bank customers, both online and on their Android devices, which is capable of compromising systems, intercepting SMS tokens, poisoning DNS settings and manipulating SSL.

The trojan attack, known as “Retefe,” is particularly interesting because of its cutting-edge combination of attack vectors used to bypass modern defenses.

Many are familiar with the rising prevalence of malware on mobile devices; in this case, however, the mobile exploits were used in concert with a variety of classic man-in-the-middle attacks, and the malware then evaded detection by hiding its own tracks on victims’ systems.

In addition, the malware can prompt users to install a fake banking app that intercepts their login activity over the Internet. Despite the bank’s two-factor authentication system, hackers are able to access the secret code sent by text message, which grants them full access to plunder these accounts.

[Figure: Retefe attack schema. Source: SWITCH CH]

Engineer Daniel Stirnimann at SWITCH CH commented, “The malware has an elegance that is difficult to beat: It does away with the [downloaded] software components and thus minimizes the complexity.”

A key takeaway here for smartphone users is to be cautious about the applications they install, especially when the smartphone is used for two-factor authentication.
