InformationWeek: Security experts say the Zitmo trojan has begun showing up on Android phones. "The malware poses as a banking activation application," blogged Axelle Apvrille of Fortinet. "In the background, it listens to all incoming SMS messages and forwards them to a remote web server."
Many banks now send one-time use online banking passwords via SMS. The trojan forwards these passwords along with other text messages to the ZeuS gang, which can then use the passwords to conduct fraudulent transactions.