Tuesday 28 September 2010

ZeuS attacks m-TAN

The ZeuS e-crime toolkit now also supports man-in-the-mobile attacks. It seems that the malware on the PC tricks users into installing malware on their phones through classic social-engineering manipulation.
The fraud is then straightforward: the trojan on the PC starts a transaction, and the malware on the phone grabs the m-TAN confirmation message and forwards it to the malware on the PC, where the fraudulent transaction is completed.
This will become increasingly dangerous with the success of smartphones, which offer more attack vectors, in particular if the phone is regularly connected to the PC, e.g. for synchronizing or charging.
I already wrote about this problem one month ago.