You just can't keep Apple's iPhone out of the news. Amid rumours of a cheaper iPhone due out later this year – and the debunking of those rumours – the cyber-crooks are capitalising on the hype to trick wanna-be users on to a phishing site.
On Monday an analyst at JP Morgan said a cheaper iPhone, similar to to iPod Nano, would be launched soon. He based his prediction on confidential conversations and a patent filed by Apple last week.
The yesterday, other analysts at the same company expressed doubt about the initial report, saying it is more likely Apple will release a 3G version of the iPhone next.
However, they all believe a smaller and cheaper version of the iPhone will debut – but it could take up to two years.
Meanwhile the launch of iPhone is being exploited by cyber-crooks for financial gain. A tool that controls a botnet made up of over 7 500 zombie computers infected by the Aifone.A bot Trojan has been discovered by Pandalabs.
If the user of an infected PC tries to buy an iPhone online, their confidential data might end up in the hands of cyber-criminals.
The tool has a series of features that allow cyber-crooks to take users of infected computers to a false page that appears to be the iPhone official page. As a result, if the user tries to buy the phone from the spoof page, they will actually be giving their bank details to cyber-criminals.
One of the tabs in the tool, called “REDIRECTS ADMIN”, allows criminals to specify the web pages that the bot must redirect and where they must be redirected to. In this case, the tool sends users that want to visit the iPhone official pages to a false web page.
Another tab, “SEARCH REDIR”, is used to specify the results that the Trojan must display when the infected user performs an Internet search and where they should be redirected to when they click any of the links. Obviously, this will be the false page.
In section “INJECTS ADMIN” it is possible to indicate the links that the Aifone.A Trojan must modify. As a consequence, if the user visits a web page that contains a link to a page dealing with iPhone, they will also be redirected to the false page.
Other tabs, “POPUPS ADMIN” and “BANNERS ADMIN”, allow cyber-crooks to display pop-ups and banners with advertising about iPhone on the infected computer. This aims at enticing users to visit the spoofed Web page and buy the phone from it.
“This is one of the most sophisticated attacks we have seen targeting a user community, in this case iPhone users," says Luis Corrons, technical director of PandaLabs. "It is a really complex, dangerous attack that combines elements of malware (the Trojan), phishing (the spoofed web page) and even adware (pop-ups, modification of search results, etc)."