Hackers lure victims to fake iPhone website

gallery

Hackers are targeting prospective iPhone users with a fake website that steals personal information from unsuspecting victims, according to experts.

Researchers at anti-virus company Panda Software discovered that cybercriminals have developed a trojan, called Aifone.A, that takes control of a user's computer and then directs the victim to a fake iPhone website. The fake page asks users to enter their bank details in return for the new Apple device.

The hackers used a new malware creation tool to develop the trojan and this malware can even create pop-ups and ads on the compromised computer's browser that link to the fake website.

The tool to develop the trojan has a tab that specifies what web pages the bot must redirect from and to. In this case, the tool sends users that want to visit the iPhone official pages to a false web page.

Another tab in the tool allows hackers to subvert user's search queries to lead again to a fake website.

"This is one of the most sophisticated attacks we have seen targeting a user community, in this case iPhone users. It is a really complex, dangerous attack that combines elements of malware, phishing and even adware," said Luis Corrons, technical director at PandaLabs.

"The real danger behind this attack is the fact that, in the same way that it is now being used to affect users that want to buy an iPhone, it could be slightly modified and used to affect users interested in any other product, or even several groups of users simultaneously, which would increase the cyber-criminals' chances of success," he said.

Email to a friend

Print this page