Exploitation of Android Mobile Malware in Phishing Modus Operandi: A Malaysia Case Study

Phishing has evolved over the years with new techniques, beginning with simple URL manipulation, followed by vishing, then spear-phishing, causing huge monetary loss to financial institutions and Internet banking users around the world. Mobile devices are seen as a new perfect vehicle in phishing campaigns by attackers as they are widely and increasingly used. In this paper, we studied a phishing modus operandi that uses Android mobile malware, Zitmo, which is a variant of Zeus family, in operating successful phishing campaigns targeting Malaysians. This study includes analysis of the behaviour of this variant, its tricks and tactics in manipulating victims. The tools and codes that we developed to conduct the analysis and investigation for this incident are discussed in this paper. The result from this study proposes a mitigation and response recommendation for IT users and organizations in responding and mitigating phishing incident.