Breaking news from Poland today: A variant of the ZeuS trojan is targeting the mobile phone based, two-factor authentication used by ING Bank Slaski (Polish ING Bank).
ZeuS Mitmo is designed to steal mTANs, and computers infected with a ZeuS Mitmo trojan will inject a "security notification" into the Web banking process, attempting to lure the user into providing their phone number. If a phone number is provided, the user will receive an SMS link pointing to the mobile component, ZeusMitmo.
—————
Updated to add on February 23rd: SHA1 hashes related to this case (thank you, Piotr).
Updated to add on February 24th: Nokia has revoked the certificate used by Symbian based ZeusMitmo.B.
For this to have a practical effect, you should configure your Symbian phone to perform an online certificate check by default. See our March 26, 2010 post for details.
There's also a Windows Mobile binary associated with this new Mitmo case. Axelle Apvrille has written about it over on Fortinet's blog.
Here's the SHA1 and our detection name: Trojan-Spy:WinCE/ZeusMitmo.A: e93d8723c23523fc064d331bd97985fe3280ea09