“MazarBOT is pretty advanced and nasty Android malware. Several factors indicate that it was designed as malware primarily targeting online banking customers. In fact, it will most likely succeed in circumventing most online banking protection solutions”, ref: https://www.csis.dk/en/csis/news/4819/

No losses are disclosed. This is the short version of the attack:

  1. It is able to scale attacks to all Android users worldwide by simply sending an SMS to the victim.
  2. It opens a backdoor in the mobile phone and gains 100% control over the phone with root privileges, enabling the hackers to manipulate transactions or alter anything they want on the device, including all its IP-based communication, with a Man-in-the-Middle attack.
  3. It defeats 2-factor authentication delivered by SMS.
  4. It intercepts online banking traffic in a way that circumvents traditional defenses currently deployed by banks (at the time of discovery only 3 of 54 anti-virus engines were able to detect MazarBOT).

The key message from Protectoria:

  1. Cleaning the mobile device, or defending it from being controlled by advanced malware already on the phone, is futile. Mobile banking transactions cannot be protected with better programming, since malware will always run with higher (root) privileges than the mobile banking app used by the legitimate user, according to new security research published by German scientists, ref: https://www.fau.eu/2015/11/03/news/research/an-easy-target-for-hackers/
  2. The only feasible mitigating action left for the banks is to literally turn the hackers’ weapons against malware: by dynamically and unpredictably changing the secure running environment of the mobile banking application. This has to be implemented with extreme entropy and integrity, which makes it practically impossible to tamper with the transaction verification process and steal money.
  3. Protectoria’s patent pending technology provides such a unique, transparent and secure running environment within the application layer of the mobile device, controlled by the server component on banks’ infrastructure.
