New malware exploits iPhone popularity
Users warned that email promising free iPhone downloads rootkit-based malware that turns host into zombie.
Hackers are using the buzz surrounding the launch of Apple's new iPhone to spread malware, according to new research.
Email recipients are sent a bogus email informing them that they have won a new iPhone, in reality the email contained malware designed to subvert and compromise the user's computer. The subject of the message is "Congratulations, you have won a new iPhone from our store!"
Should the victim fall for the social engineering attack, clicking on a link directs the user's browser to a web page that contains malware that exploits 10 Active X vulnerabilities in order to install a malicious payload including an MSODataSourceControl vulnerability.
In a bid to hide itself from security researchers, the website tracks visitors on the site and then redirects repeat visitors to a different, clean web page. The attack also uses XOR encryption to obfuscate itself.
The malware attempts to compromise the computer and turn it into part of a botnet, churning out spam. The malware is also rootkit-based, so a hacker can update the malware to become a keylogger if necessary.
Experts said that this latest attack confirms the trend in web-based malware.
"This threat is particularly insidious in that scripts within the HTML code returned to the user contain exploit code for multiple vulnerabilities to improve the malicious hacker's chances of gaining the necessary access to install the rootkit /spam bot malware," said Paul Henry, vice president of technology evangelism at IT security company Secure Computing.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"While most organisations fully inspect the traffic directed to their internet facing web servers, many do not inspect the traffic that is returned to their internal users when visiting internet web sites," he said.
Henry said that the popularity of the new iPhone meant that this attack would be the first of many scams involving the Apple mobile phone.
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.