Kominikat eng

How to remove malicious software ZEUS (Citadel/Zitmo) from computers and
mobile phones
Risk
Electronic Banking Council at the Polish Bank Association identified a new attack on Polish banks’
customers who avail of electronic banking. This time, cyber criminals have used a new version of trojan
ZITMO which takes control of the mobile phone. In the first place, PCs are infected with trojan CITADEL
which steals logins and passwords of customers who avail of internet banking.
More information on these risks has been posted on the sites of the Polish Bank Association and CERT
Polska team which cooperates with Naukowa i Akademicka Sieć Komputerowa NASK (Research and
Academic Computer Network) NASK:
http://zbp.pl/dla-konsumentow/bezpieczny-bank/aktualnosci
http://www.cert.pl/news/tag/zeus
Methods of risk removal
In the interest of Bank Zachodni WBK Customers whose PCs or mobile phones may have been infected
in the fashion described above, we have published addresses of internet sites where instructions have
been posted on how to remove the malware from PCs and mobile phones.
Mobile computers and PCs
Instructions for users of the infected PCs published by the leading AV software producers:
https://support.kaspersky.com/faq/?qid=208280039
http://www.symantec.com/en/uk/security_response/writeup.jsp?docid=2010-093000-5257-99&tabid=3
http://www.mcafee.com/threat-intelligence/malware/default.aspx?id=3291059
Mobile phones
Instructions for the users of infected mobile phones published by CERT Polska team which indicate the
vulnerable types of phones and the fashion of risk removal:
http://www.cert.pl/news/3283