1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

APPLE iPhone Worm Uncovered

Discussion in 'News' started by HellasVagabond, Jul 14, 2007.

  1. HellasVagabond New Member

    Joined:
    Jan 19, 2007
    Messages:
    3,404 (1.19/day)
    Thanks Received:
    162
    Location:
    Athens , GREECE
    APPLE Worm Uncovered

    The launch of iPhone is being exploited by cyber-crooks for financial gain. PandaLabs has uncovered a tool that controls a botnet made up of over 7,500 zombie computers infected by the Aifone.A bot Trojan. If the user of an infected PC tries to buy an iPhone online, their confidential data might end up in the hands of cyber-criminals.

    The tool uncovered by PandaLabs has a series of features that allow cyber-crooks to take users of infected computers to a false page that appears to be the iPhone official page. As a result, if the user tries to buy the phone from the spoof page, they will actually be giving their bank details to cyber-criminals.

    One of the tabs in the tool, called “REDIRECTS ADMIN”, allows criminals to specify the web pages that the bot must redirect and where they must be redirected to. In this case, the tool sends users that want to visit the iPhone official pages to a false web page.

    Another tab, “SEARCH REDIR”, is used to specify the results that the Trojan must display when the infected user performs an Internet search and where they should be redirected to when they click any of the links. Obviously, this will be the false page.

    In section “INJECTS ADMIN” it is possible to indicate the links that the Aifone.A Trojan must modify. As a consequence, if the user visits a web page that contains a link to a page dealing with iPhone, they will also be redirected to the false page.

    Other tabs, “POPUPS ADMIN” and “BANNERS ADMIN”, allow cyber-crooks to display pop-ups and banners with advertising about iPhone on the infected computer. This aims at enticing users to visit the spoofed web page and buy the phone from it.

    “This is one of the most sophisticated attacks we have seen targeting a user community, in this case iPhone users. It is a really complex, dangerous attack that combines elements of malware (the Trojan), phishing (the spoofed web page) and even adware (pop-ups, modification of search results, etc.)”, explains Luis Corrons, Technical Director of PandaLabs.

    The real danger behind this attack is the fact that, in the same way that it is now being used to affect users that want to buy an iPhone, it could be slightly modified and used to affect users interested in any other product, or even several groups of users simultaneously, which would increase the cyber-criminals’ chances of success.

    Source: Panda
     
    Last edited: Jul 14, 2007
  2. Dippyskoodlez

    Joined:
    Jul 1, 2005
    Messages:
    5,095 (1.48/day)
    Thanks Received:
    238
    Location:
    Kansas City, KS
    Wait.... what?

    The only thing this has to do with an iphone is..... when someone is trying to buy it online.. That title is clearly misleading. Its not an "iphone" worm, its a "windows worm" that parses iPhone related searches...

    They don't mention anything about redirecting iTunes activation pages (which are key to iPhone activation) so apparently this is just redirecting a user to webpages to buy a phone online...

    Move along, nothing special but the average windows trojans...
     
    Last edited: Jul 14, 2007
  3. HellasVagabond New Member

    Joined:
    Jan 19, 2007
    Messages:
    3,404 (1.19/day)
    Thanks Received:
    162
    Location:
    Athens , GREECE
    My bad...Happens when you read fast :p
     
  4. WarEagleAU

    WarEagleAU Bird of Prey

    Joined:
    Jul 9, 2006
    Messages:
    10,804 (3.53/day)
    Thanks Received:
    547
    Location:
    Gurley, AL
    I was gonna say, wow, I didnt think Apple could get worms or viruses. The way a few folks on here make Apple sound, its invincible.
     
  5. Dippyskoodlez

    Joined:
    Jul 1, 2005
    Messages:
    5,095 (1.48/day)
    Thanks Received:
    238
    Location:
    Kansas City, KS
    Hey, I enjoy my (current) God mode for the internet.

    Don't be jealous. :cool:

    Everything's susceptible to a virus or worm should one be 1.) Made and 2.) an exploit remain vulnerable for that virus or worm to take advantage of said exploit.


    This worm sounds a lot like the old sub-22 or something from a long time ago... a trojan that gave a remote user all kinds of fun controls.
     
  6. FatForester New Member

    Joined:
    Mar 14, 2007
    Messages:
    971 (0.34/day)
    Thanks Received:
    151
    -Reads thread... then yawns-

    I will laugh the day macs become popular enough that people will actually BOTHER writing viruses for them.
     
    Benpi says thanks.
  7. Dippyskoodlez

    Joined:
    Jul 1, 2005
    Messages:
    5,095 (1.48/day)
    Thanks Received:
    238
    Location:
    Kansas City, KS
    Until then, it doesn't matter :pimp:
     

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Share This Page