New malware exploits iPhone popularity

gallery

Hackers are using the buzz surrounding the launch of Apple's new iPhone to spread malware, according to new research.

Email recipients are sent a bogus email informing them that they have won a new iPhone, in reality the email contained malware designed to subvert and compromise the user's computer. The subject of the message is "Congratulations, you have won a new iPhone from our store!"

Should the victim fall for the social engineering attack, clicking on a link directs the user's browser to a web page that contains malware that exploits 10 Active X vulnerabilities in order to install a malicious payload including an MSODataSourceControl vulnerability.

In a bid to hide itself from security researchers, the website tracks visitors on the site and then redirects repeat visitors to a different, clean web page. The attack also uses XOR encryption to obfuscate itself.

The malware attempts to compromise the computer and turn it into part of a botnet, churning out spam. The malware is also rootkit-based, so a hacker can update the malware to become a keylogger if necessary.

Experts said that this latest attack confirms the trend in web-based malware.

"This threat is particularly insidious in that scripts within the HTML code returned to the user contain exploit code for multiple vulnerabilities to improve the malicious hacker's chances of gaining the necessary access to install the rootkit /spam bot malware," said Paul Henry, vice president of technology evangelism at IT security company Secure Computing.

"While most organisations fully inspect the traffic directed to their internet facing web servers, many do not inspect the traffic that is returned to their internal users when visiting internet web sites," he said.

Henry said that the popularity of the new iPhone meant that this attack would be the first of many scams involving the Apple mobile phone.

Email to a friend

Print this page