The Internet Crime Complaint Center (iC3) has released a Fraud Alert detailing increased fraudulent wire transfer activity observed across the financial services sector. Although we urge close review of the report and its recommendations, the Solutionary Security Engineering Research Team (SERT) provides a brief summary below.

The alert is based on FBI reports of increased activity of fraudulent wire-transfers occurring just prior to large-scale Distributed Denial of... read more >

There has been some recent talk about a new mobile malware variant found in the wild. The malware has been identified as Trojan-Spy.AndroidOS.Zitmo. ZitMo stands for “Zeus-in-the-Mobile”.

ZitMo was originally designed to target the Symbian smartphones, with Windows Mobile and Blackberry following later. ZitMo for Android Operating System was first detected in July 2011. This trojan is another variant targeting the Android Operating System and is distributed as an APK with the name “Android Security Suite Premium” through SMS messages.

The purpose of ZitMo is to target the security features of online banking services. Banks use what are called TAN codes (Transaction Authentication Number) with digital signatures as an additional authentication mechanism to authorize the transaction. In some cases, banks send TAN codes via a text message (these are called mTANs, or mobile transaction authentication numbers).

Like... read more >