HellasVagabond
New Member
- Joined
- Jan 19, 2007
- Messages
- 3,376 (0.54/day)
- Location
- Athens , GREECE
System Name | SECONDARY RIG / PRIMARY RIG / THIRD RIG |
---|---|
Processor | i920@3.6GHz / i920@4GHz / AMD Phenom II 955 |
Motherboard | Gigabyte EX58-UD4P / Gigabyte EX58-UD7 / ASRock 890GX3 |
Cooling | CoolIT Domino ALC / Thermalright Silver Arrow / Thermalright VenomousX |
Memory | 12GB DDR3 @ 1800MHZ / 6GB DDR3 @ 2250MHZ / 4GB DDR3 @ 1600MHZ |
Video Card(s) | XFX ATI RADEON 5970 / GAINWARD NVIDIA GTX 580 / 2xGEFORCE GTX295 |
Storage | 1550GB / 6TB SAS - SSD / 160GB SSD |
Display(s) | NEC 26WUXi2 / NEC 3090WQXi / SONY 55A2000 (1080P 55inch) |
Case | COOLER MASTER HAF 932 / COOLER MASTER ATCS 840 / ANTEC DARKFLEET DF85 |
Audio Device(s) | Soundblaster X-Fi Xtreme Music / SoundBlaster X-Fi Fatal1ty Pro / Realtek Onboard |
Power Supply | CWT 1200W / Enermax Revolution 85+ 1250W / Ikonik Vulcan 1200W |
Software | Windows 7 x64 / Windows 7 x64 / Windows 7 x64 |
APPLE Worm Uncovered
The launch of iPhone is being exploited by cyber-crooks for financial gain. PandaLabs has uncovered a tool that controls a botnet made up of over 7,500 zombie computers infected by the Aifone.A bot Trojan. If the user of an infected PC tries to buy an iPhone online, their confidential data might end up in the hands of cyber-criminals.
The tool uncovered by PandaLabs has a series of features that allow cyber-crooks to take users of infected computers to a false page that appears to be the iPhone official page. As a result, if the user tries to buy the phone from the spoof page, they will actually be giving their bank details to cyber-criminals.
One of the tabs in the tool, called "REDIRECTS ADMIN", allows criminals to specify the web pages that the bot must redirect and where they must be redirected to. In this case, the tool sends users that want to visit the iPhone official pages to a false web page.
Another tab, "SEARCH REDIR", is used to specify the results that the Trojan must display when the infected user performs an Internet search and where they should be redirected to when they click any of the links. Obviously, this will be the false page.
In section "INJECTS ADMIN" it is possible to indicate the links that the Aifone.A Trojan must modify. As a consequence, if the user visits a web page that contains a link to a page dealing with iPhone, they will also be redirected to the false page.
Other tabs, "POPUPS ADMIN" and "BANNERS ADMIN", allow cyber-crooks to display pop-ups and banners with advertising about iPhone on the infected computer. This aims at enticing users to visit the spoofed web page and buy the phone from it.
"This is one of the most sophisticated attacks we have seen targeting a user community, in this case iPhone users. It is a really complex, dangerous attack that combines elements of malware (the Trojan), phishing (the spoofed web page) and even adware (pop-ups, modification of search results, etc.)", explains Luis Corrons, Technical Director of PandaLabs.
The real danger behind this attack is the fact that, in the same way that it is now being used to affect users that want to buy an iPhone, it could be slightly modified and used to affect users interested in any other product, or even several groups of users simultaneously, which would increase the cyber-criminals' chances of success.
View at TechPowerUp Main Site
The launch of iPhone is being exploited by cyber-crooks for financial gain. PandaLabs has uncovered a tool that controls a botnet made up of over 7,500 zombie computers infected by the Aifone.A bot Trojan. If the user of an infected PC tries to buy an iPhone online, their confidential data might end up in the hands of cyber-criminals.
The tool uncovered by PandaLabs has a series of features that allow cyber-crooks to take users of infected computers to a false page that appears to be the iPhone official page. As a result, if the user tries to buy the phone from the spoof page, they will actually be giving their bank details to cyber-criminals.
One of the tabs in the tool, called "REDIRECTS ADMIN", allows criminals to specify the web pages that the bot must redirect and where they must be redirected to. In this case, the tool sends users that want to visit the iPhone official pages to a false web page.
Another tab, "SEARCH REDIR", is used to specify the results that the Trojan must display when the infected user performs an Internet search and where they should be redirected to when they click any of the links. Obviously, this will be the false page.
In section "INJECTS ADMIN" it is possible to indicate the links that the Aifone.A Trojan must modify. As a consequence, if the user visits a web page that contains a link to a page dealing with iPhone, they will also be redirected to the false page.
Other tabs, "POPUPS ADMIN" and "BANNERS ADMIN", allow cyber-crooks to display pop-ups and banners with advertising about iPhone on the infected computer. This aims at enticing users to visit the spoofed web page and buy the phone from it.
"This is one of the most sophisticated attacks we have seen targeting a user community, in this case iPhone users. It is a really complex, dangerous attack that combines elements of malware (the Trojan), phishing (the spoofed web page) and even adware (pop-ups, modification of search results, etc.)", explains Luis Corrons, Technical Director of PandaLabs.
The real danger behind this attack is the fact that, in the same way that it is now being used to affect users that want to buy an iPhone, it could be slightly modified and used to affect users interested in any other product, or even several groups of users simultaneously, which would increase the cyber-criminals' chances of success.
View at TechPowerUp Main Site
Last edited: