BlackBerry Forums Support Community

BlackBerry Forums Support Community (http://www.blackberryforums.com/)
-   BES Admin Corner (http://www.blackberryforums.com/bes-admin-corner/)
-   -   Zeus malware (http://www.blackberryforums.com/bes-admin-corner/260957-zeus-malware.html)

Orinoko 08-09-2012 08:02 AM

Zeus malware
 
Hi,

Is there any way to block the recently publicised Zeus virus using BES? I know you can block certain software packages from being installed so can this not be utilised?

Thanks.

dc/dc 08-09-2012 09:08 AM

Re: Zeus malware
 
There are no viruses or malware that affect BlackBerry. Do not involve BES in fighting a Windows malware. Get a good endpoint security system for your Windows workstations if you don't have it, get a firewall installed, and make sure they're all up to date.

Dubdub 08-09-2012 09:09 AM

Re: Zeus malware
 
Zeus isn't a recent virus, as it has been around since 2009. AFAIK, it affects PCs only. There is no known virus targeting the BB, so not something that should cause you to lose sleep over.

daphne 08-09-2012 10:23 AM

Re: Zeus malware
 
It's been in the news just recently there IS now a Zeus trojan targeting BlackBerry.
Researchers Identify Four BlackBerry Zitmo Variants | SecurityWeek.Com

Aug. 7
Quote:

Security researchers have identified new Zeus malware samples targeting Android and BlackBerry devices.

Despite its significant user base within enterprises, BlackBerry devices have managed to stay off the radar for malware writers. That may be ending, as Kaspersky Lab recently analyzed four new Zeus-in-the-mobile (Zitmo) samples targeting BlackBerry users in Germany, Spain, and Italy, Denis Maslennikov, a researcher at Kaspersky Lab wrote on the company's Securelist blog. These variants were communicating with two command-and-control cell phone numbers associated with a Swedish mobile operator.

Zitmo refers to a version of the Zeus malware that specifically targets mobile devices. Previous Zitmos variants masqueraded as banking security applications or security add-ons to circumvent out-of-band authentication systems used by some financial institutions by intercepting one-time passwords sent via text message and forwarding it to a another cell number that acted as a command-and-control device.

"Yes, finally we've got a ZitMo dropper file for BlackBerry," Maslennikov wrote.

The samples were three .cod files and one .jar file with a .cod file inside. The BlackBerry variants didn't have any major differences from other Zitmo versions in the wild, other than grammatical corrections, Maslennikov said. The list of commands used by the malware remained the same, according to the blog post.
More info in the link

The mobile version of Zeus is called Zitmo and it targets Android as well as BlackBery.
New ZitMo for Android and Blackberry - Securelist
Quote:

Weve got 5 new files of ZitMo: 4 for Blackberry and 1 for Android. As you may know, the Blackberry platform has never been actively targeted by malware. And here we have 4 different samples of ZeuS-in-the-Mobile for Blackberry at once: 3 .cod files and 1 .jar file (with one more .cod inside). Yes, finally weve got a ZitMo dropper file for Blackberry.

dc/dc 08-09-2012 01:44 PM

Re: Zeus malware
 
Quote:

Originally Posted by daphne (Post 1784786)
It's been in the news just recently there IS now a Zeus trojan targeting BlackBerry.
Researchers Identify Four BlackBerry Zitmo Variants | SecurityWeek.Com

Aug. 7


More info in the link

The mobile version of Zeus is called Zitmo and it targets Android as well as BlackBery.
New ZitMo for Android and Blackberry - Securelist

Bizarre. I searched the googles and didn't see that link.

Dubdub 08-09-2012 02:15 PM

Re: Zeus malware
 
I stand corrected. Thanks Daphne.

daphne 08-09-2012 03:03 PM

Re: Zeus malware
 
Quote:

Originally Posted by dc/dc (Post 1784805)
Bizarre. I searched the googles and didn't see that link.

Easy search: BlackBerry zeus :smile:
Google

I see this is hitting more tech sites now.

dc/dc 08-09-2012 06:21 PM

Re: Zeus malware
 
Quote:

Originally Posted by daphne (Post 1784809)
Easy search: BlackBerry zeus :smile:
Google

I see this is hitting more tech sites now.

Damn that Google! LOL :razz:

knottyrope 08-13-2012 09:22 AM

Re: Zeus malware
 
Quote:

Originally Posted by Orinoko (Post 1784770)
Hi,

Is there any way to block the recently publicised Zeus virus using BES? I know you can block certain software packages from being installed so can this not be utilised?

Thanks.

Yes you can create a software configuration and white list only the apps you want to be allowed.

Orinoko 08-20-2012 11:27 AM

Re: Zeus malware
 
Thanks for getting back to me, yes I guessed that I would be able to use software configurations to block the threats but do you have any ideas on the names of the software that should be blocked? I look after a few thousand BES linked BB's so although it present we probably wouldn't deploy the 'fix' it is good to be ready in case it escalates.


All times are GMT -5. The time now is 02:17 PM.

Powered by vBulletin® Version 3.6.12
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.