Ice IX Steals Phone Numbers to Compromise Accounts
A new Zeus variant has the attention of security experts – not because of its sophistication, but because of its automation.
Named Ice IX, this new malware targets online banking users’ login and passwords, but the ultimate aim is telephone numbers.
Trusteer’s Amit Klein, in a blog about Ice IX, says the phone numbers have proven more valuable than the online banking credentials, because they provide avenues for fraud that go undetected. With stolen numbers, fraudsters can reroute transaction verification from the bank, ultimately bypassing two-factor authentication.