Zitmo (ZeuS in the MObile) is a mutation of ZeuS that appeared for the first time in early 2011, targeting bank customers in Poland and Spain, infecting unknown numbers of users. Zitmo consists of two parts: spyware installed od PC and an application installed on mobile device. At the time the PC app is capable to run on all modern Windows systems (2000-8) both 32 and 64 bits, while the mobile part runs on Android, (although it’s prepered for Symbian and Blackbery as well).
We have recently discoverd that the banker used in malware is a strange mixture of ZeuS and Spy-Eye, served as a module, and it’s only one of functionalities offered by malware. It also incorporates a sophisticated communication schema used to trasport stolen data from mobile phones which we are still investigating. We will show how malware operates on both PCs and mobiles to stealing money. In addition, we will release tools that aid analysis.