A new sample of Zitmo is out, pretending to be an Android Security Suite. Like others in Zitmo, the malware is a SMS spy: it forwards incoming SMS message to a remote server. This particular sample responds to a few basic SMS commands we have reversed. In the following video, we show one of these commands in action: a SMS whose body is “/” and followed by a phone number sets up a new phone number for the spy. Then, all future incoming SMS are also forwarded to that phone number.

You Can Learn More About the Fortinet Product Line By Going to www.FirewallShop.com/Fortinet

The original article/video can be found at Controlling AndroidZitmo.E!tr.spy by SMS