Skip to content
1-888-762-8736(M-F 8:00am-5:00pm CST)
1-877-218-7353(M-F 8:00am-5:00pm CST)
href="http://www.trendmicro.com/us/enterprise/index.html" id="ENT-overview-test2" title="SEE ALL ENTERPRISE SOLUTIONS">Enterprise Overview
This spyware is a variant of the ZBOT/ZeuS malware family that targets smartphones running on Windows Mobile. It intercept calls and text messages to steal user credentials used in online banking.
To get a one-glance comprehensive view of the behavior of this Spyware, refer to the Threat Diagram shown below.
It monitors SMS messages of an infected Windows mobile phone then forwards the message if the sender is listed in its monitored list.
Its primary objective is to steal authentication codes used in online banking. It sends and receives information/commands from a specific phone number.
It is a counterpart of SYMBOS_ZBOT.B and BBOS_ZITMO.B, which are for devices running on Symbian OS and BlackBerry OS, respectively. It is also a counterpart of TSPY_ZBOT.HQ, a Windows system malware.
This spyware may be unknowingly downloaded by a user while visiting malicious websites.
This spyware does the following:
NOTES: This spyware is a counterpart of SYMBOS_ZBOT.B and BBOS_ZITMO.B, which are for devices running on Symbian OS and BlackBerry OS, respectively. It is also a counterpart of TSPY_ZBOT.HQ, a Windows system malware.
Before doing any scans, Windows XP, Windows Vista, and Windows 7 users must disable System Restore to allow full scanning of their computers.
Scan your computer with your Trend Micro product to delete files detected as WINCE_ZBOT.B. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.
NOTES: If you recently connected your smartphone to your Windows PC, please do the aforementioned cleanup step.
Connect with us on
| | | |