Saturday, October 8, 2011

Trojan changes the phone number used for mTAN

The security company Trusteer has discovered a variant of the online banking Trojan SpyEye that defeats the mTAN procedure. The SpyEye variant, sighted in Spain, changes the mobile phone number stored at the bank, so the attacker can then carry out any transactions unnoticed. Until now, Trojans have tried to defeat the mTAN procedure by infecting the victims' smartphones.

In the new attack, the Trojan first steals the online banking access data via a man-in-the-browser attack. Once the victim has logged in to the bank, SpyEye presents a fake warning, according to which the victim must register for a new protective function.


When the phone number stored at the bank is changed, the customer receives a confirmation via SMS TAN. (Image: heise Security)

According to the warning, the victim is supposedly to receive a new SIM card from the bank, and its number must be activated for the mTAN procedure. After the Trojan has initiated the phone number change, the victim receives an SMS from the bank containing a confirmation code. If the victim enters the code, the Trojan completes the phone number change and now has full control over the account.

Admittedly, the SMS messages that banks send to their customers when a phone number is changed usually contain a clear indication that entering the confirmation code changes the phone number associated with the account. Because of the Trojan's warning, however, the victim would not become suspicious: after all, the change appears to be necessary in order to participate in the new security system.
